23542300x8000000000000000247282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.842{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=3B5D96C3EA69ED43F569B9792C0DD402,SHA256=654275578F52C14D63CD9B219377D45FE256D9EE2A6E159DD9FCEADA3F953A3D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.842{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F35636796A59861698EC2FDECE28FB29,SHA256=458059D445FB091CB638A02321D4AFC76FD6ED343BA6CABF3C4909649D2622F5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.672{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F05-61E8-420A-000000002302}6992C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.670{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.670{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.669{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.669{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.669{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F05-61E8-420A-000000002302}6992C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.668{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F05-61E8-420A-000000002302}6992C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000247273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.667{ED6274ED-0F05-61E8-420A-000000002302}6992C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000247272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:49.641{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=06A3E7262EA0DD1912561F8C1EBD6F6E,SHA256=0AA9295CE70043073AB8256CE8EC6F8A9FC8757D206FC41BCC9B6F4A248E0D0F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178025Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:49.853{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8E1191FF1359EC759718A8E7BDFF1549,SHA256=0752EC870705B05DA6C810B9BDBF752680C27EB5CBEA5DF0DD91BAB496F91D3B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178027Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:50.855{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=55EA2D1FE9527F1C7AA251979CA18E54,SHA256=6D098DA92B97C75EADDC683B95B56061504EC831D0D8CD748F070E7669230673,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.781{ED6274ED-0F06-61E8-430A-000000002302}79527516C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000247291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.662{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8A3E5D653421156CF67E3CD5A330E7A4,SHA256=9F0C81ED1473F07D1E1A125AAA6B22BFC21A28D71A19175D98015447D1F2DC6E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.379{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F06-61E8-430A-000000002302}7952C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.377{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.376{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.376{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.376{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.376{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F06-61E8-430A-000000002302}7952C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.375{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F06-61E8-430A-000000002302}7952C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000247283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:50.374{ED6274ED-0F06-61E8-430A-000000002302}7952C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000178026Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:47.087{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53295-false10.0.1.12-8000- 23542300x8000000000000000178029Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:51.856{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=76B68ADB8D1D4DCD86E0C28DF4048B81,SHA256=63C6A8ACA3A9659CAA3A5E0E9D0C9458C03E5EE4DF16BB3640FA4E03C1BE1CBB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:51.677{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8C7D165057B7F0967F991B343365E81,SHA256=DF4DE123D80012E61A9B07F62C7674B13D34474DB56EC4076256D6C6781CDBA1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178028Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:51.061{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-299MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:51.407{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=3B5D96C3EA69ED43F569B9792C0DD402,SHA256=654275578F52C14D63CD9B219377D45FE256D9EE2A6E159DD9FCEADA3F953A3D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178032Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:52.908{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178031Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:52.908{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=90DB19F1FC0FBE0CDE15BC4BD20AB074,SHA256=6EEFD2FC27BCCC8B649E348A68C894C99AE49ED7DB1F829E3EE408036828BED2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.820{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F08-61E8-450A-000000002302}668C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.820{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.820{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.820{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.820{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.820{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F08-61E8-450A-000000002302}668C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.820{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F08-61E8-450A-000000002302}668C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000247305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.821{ED6274ED-0F08-61E8-450A-000000002302}668C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000247304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.689{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2EA107D6DF6C931EB2E992C163CBFA53,SHA256=8152AB91A935360E0775103EB3C2A049DCE4F1F667489E77A0D9C8F7FBE13E32,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178030Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:52.060{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-300MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.541{ED6274ED-0F08-61E8-440A-000000002302}60003340C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.277{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F08-61E8-440A-000000002302}6000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.277{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.277{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.277{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.277{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.277{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F08-61E8-440A-000000002302}6000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.277{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F08-61E8-440A-000000002302}6000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000247295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.278{ED6274ED-0F08-61E8-440A-000000002302}6000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178033Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:53.939{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=17B559B4CA29748867A276494CCF8BAE,SHA256=1A83DEA3F5EE51A898830220F2FE4CFF44850EB5820EE2239F629065E86D2244,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:53.697{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D4D1733606EC54FB772048E02BEF9637,SHA256=EEF843F496E776135DB1B0416763CFD2B6657C156A4F273B04EDCADF74D8E86C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:53.280{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=B186021B11BF584BE10AC356EC0D5066,SHA256=DB3B82BD5B305484A59C0C639305CEC4B5CD7163655CBD3E64E0FB54AD20D7C5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:53.118{ED6274ED-0F08-61E8-450A-000000002302}6687756C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178035Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:54.970{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B369DD0DF3C43D6DB2D7294EA5F2F43F,SHA256=DE3E9C0FEC7CD084AC719467346116C426C70B542E49E6B92E7ED4013A3501BF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.713{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4FD952CB9A60D5A6E95A9ADFE5A9D4BC,SHA256=5D57B6EDB94BE168D36AC89CFFE6ED2DAB9414B1EEC9C666388E36AC1101F4AE,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178034Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:52.830{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53296-false10.0.1.12-8089- 10341000x8000000000000000247325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.682{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F0A-61E8-460A-000000002302}6352C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.682{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.682{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.682{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.682{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.682{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0F0A-61E8-460A-000000002302}6352C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.682{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F0A-61E8-460A-000000002302}6352C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000247318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.684{ED6274ED-0F0A-61E8-460A-000000002302}6352C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000247317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:54.413{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=7F95E48203D7CDF66A5052838B3EECEB,SHA256=5E021DF7D59C32026C6EA0D4CAC51A6529DA59CADEA90288F596E06EBEF9B5F6,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:52.273{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64958-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000247331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:55.736{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=70B4CB3498B80324D3EC85F15A3063A7,SHA256=D35843BF01D992E838B9F68D5AFD4EAB9DA420FABF2696DE0963248C0CA49F5A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178036Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:53.002{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53297-false10.0.1.12-8000- 23542300x8000000000000000247330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:55.686{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F9AE74CA762A804E5C60746F1C5A408F,SHA256=D003095CBADD6993B81A72E307C085C8D5F8DEE0D0AC514DC600ABB32915EF40,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:53.430{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64959-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000247328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:53.430{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64959-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 10341000x8000000000000000247327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:55.200{ED6274ED-0F0A-61E8-460A-000000002302}63522628C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000247332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:56.736{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A829FBF661DA4B696C4B5F8A2A6B3DF5,SHA256=429C8CC206E3E6497470D8250BF1F3863D641AB11A7DB6AC856FE74F17A8EE04,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178037Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:56.095{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A31687A7929CC2CC1CED01F1D5F28614,SHA256=840A1EA54B3B6B5E7273687FABE51EF6A3795CF075874CFF831B0AF1EAA84FB7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F0D-61E8-470A-000000002302}4732C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0F0D-61E8-470A-000000002302}4732C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F0D-61E8-470A-000000002302}4732C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000247335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.768{ED6274ED-0F0D-61E8-470A-000000002302}4732C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000247334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.736{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=702AE0339BBE62C1C8A17F838D6ECB96,SHA256=21B872ADBA610F0731EE1C0C104436A968206201B062791BF5D0758977016DDB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178038Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:57.111{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=69F1125128219E55A1D6968BC8990BD3,SHA256=ACB7944132B801AE1104AF2616B96F4B9B8D74D2815605587BD6ECDB417B1ADB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.021{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:58.776{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=ECBEF8C2859D137619A218DAF1B9A844,SHA256=D2BA4D067890AFB9809FFA603DD421DAD8CE6FCF619CF2536BB51033039E439B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:58.742{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=130A9DBA94B02315F55AA4CE3AD85203,SHA256=FED2986FD2CA9AC9C6F62AD003B4C39D0593EEBC10FDD5A75E408B9D44CF3B8B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178039Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:58.267{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A0FD651CBF670559EA9DF5906CBC6B17,SHA256=360796BB170ABBBCFE18853B4AD3A94ED0AF1945FD8B86BAE7C39173FC59896E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:57.070{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64960-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 23542300x8000000000000000247343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:58.005{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=8AA58C1F5AB0FB0715CD13893DF9DDDC,SHA256=311DC7C851F315D20C918CB2A01EDAC88038D405C20AA3AF3FF79F3393D99C66,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:59.750{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E15459798B10C24FA478C4A08CAA0B15,SHA256=6ED595C2AE79AF990AE44F9EBE6273A76CF4A3B6D91905E8A0578999EEB52A1D,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178041Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:58.189{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53298-false10.0.1.12-8000- 23542300x8000000000000000178040Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:15:59.298{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E4F0E1E19E73435A15F513E7513D2746,SHA256=14FC878CD21BEFD47059666F51493D50B637D4B697BCB9F2A337B26970F89481,IMPHASH=00000000000000000000000000000000falsetrue 17141700x8000000000000000247348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:15:59.495{ED6274ED-CBFD-61E7-6801-000000002302}1952\chrome.1952.143.55076218C:\Program Files\Mozilla Firefox\firefox.exe 10341000x8000000000000000247347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:59.495{ED6274ED-CBFD-61E7-6801-000000002302}19525400C:\Program Files\Mozilla Firefox\firefox.exe{ED6274ED-0ECE-61E8-3B0A-000000002302}5584C:\Program Files\Mozilla Firefox\firefox.exe0x2200C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\Mozilla Firefox\xul.dll+2cd00|C:\Program Files\Mozilla Firefox\xul.dll+e1fc3d|C:\Program Files\Mozilla Firefox\xul.dll+e1f6c8|C:\Program Files\Mozilla Firefox\xul.dll+825252|C:\Program Files\Mozilla Firefox\xul.dll+818e51|C:\Program Files\Mozilla Firefox\xul.dll+19c4c23|C:\Program Files\Mozilla Firefox\xul.dll+16762ac|C:\Program Files\Mozilla Firefox\xul.dll+19eb83f|C:\Program Files\Mozilla Firefox\xul.dll+970baf|C:\Program Files\Mozilla Firefox\xul.dll+254ce|C:\Program Files\Mozilla Firefox\xul.dll+1910c8|C:\Program Files\Mozilla Firefox\xul.dll+18ffef|C:\Program Files\Mozilla Firefox\xul.dll+43be401|C:\Program Files\Mozilla Firefox\xul.dll+442a149|C:\Program Files\Mozilla Firefox\xul.dll+442af39|C:\Program Files\Mozilla Firefox\xul.dll+1f98893|C:\Program Files\Mozilla Firefox\firefox.exe+a18f|C:\Program Files\Mozilla Firefox\firefox.exe+1c9f8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000247351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:00.757{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FE56EBA2BC74E70D0CBDA563CA2B96C8,SHA256=C3C4AB705C54E589ECA52FC2CC417FC973C147424CBBF9B0D6B216283D03A443,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178042Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:00.455{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1A7DF9D98092FDC667C455B660B061B5,SHA256=FA34F3614C06006DCDA8DB8C24B8CF61B93D2294461F36AB6E96C86D54068980,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:15:58.164{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64961-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000247352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:01.760{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=569C1AEE50257E80E797C89D8535E15D,SHA256=0E623E42BC08503FF05E76A558842986F46BE8B5D31899DE279A70313BA5DB10,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178043Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:01.689{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8B16DD08C911DD70E131956AECC3296E,SHA256=3DE8B6F9A9B93EDE74C915A0EEB7EC498769ADFAD1B3FC270E5C19545B795426,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178044Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:02.720{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=404B3A2C5C1999130B01219BB5EE1F49,SHA256=EF210F25F963C0065B632A64FA851BD9F2372C4438E8B7D0153370BA71D49B5A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:02.777{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=492A302590CA5DC486437D086C250CBE,SHA256=0EF45DEA36C22D9A417C85E1A0EB000E5D5CEA4F3CA28F1AA7C8B89A31788A0F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178045Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:03.736{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=423E803EB97AD089C461240EA393C92D,SHA256=25988AFD9088315AF9CB74CEBC98ECC6B70DCF62D5E7A1B6D63A92D64F8EDB11,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:03.791{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4DDB956D639F6F26BD5619D611592E65,SHA256=913FF7C5D4697EB90C4337CA1D480BD52A41C833BBF2098F55DF90915091FB6D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178046Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:04.752{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0CF33653E0026792528AC547DCC08BE,SHA256=5FE24D58F541BA71C97E59026DFAD18508903EF984D999EE60E8312ADC819A55,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:04.809{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5C93692AFEB099B362DAEC7845AF1B85,SHA256=F2A2DEEDFA04323DF49240F372053F5FEB7AD710A6F8413EA0036D79A69B5D66,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:05.839{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DD175A544E6C22168120E9D298A261D0,SHA256=834DB339B0C8C55815132AF3564B95877E081D0E554BC575AF4029262D138FBD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178047Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:05.783{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=999FFB506B99396E55DA35D615DD1A96,SHA256=3DE00CD958491107F3369B5A2F415783335706F73361FF322EC6D954E378278D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:06.854{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0C5CECDC57B21CCE5C0976BCB0E2CE37,SHA256=28A253EE4B26E722AEF01AD0A75BE3FB8377576AF52E48442B56A54E12EB3378,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178049Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:06.814{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=743C2B1C5D7093ACE62A70964AB39F3F,SHA256=D05AE6EB807DA80FADC82A3B7A7C26894B236CDF24694C6D9FA45CEC07EFB414,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:04.138{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64962-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000178048Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:04.142{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53299-false10.0.1.12-8000- 23542300x8000000000000000247359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:07.884{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EEEBED6EDA5DAD694915C0CD2D4424DD,SHA256=37A96821D2F5A41ECAC2C82E9C8366FCD78DEF76D553662D6CA85F44C4010E05,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178050Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:07.845{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8CF9EE9258165632387F7B13B5D1D568,SHA256=6E3A2E2A4503385C37BCD935090093A15857C3307AAD4DD3BE3796EE2DFACC3C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178051Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:08.892{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B77A2F7F0A442A9548D46F990CD30B71,SHA256=C85AEBD947F4229A4B655FE1BF2703BF0F858098BE3399B8A7820B6299539FB3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:08.888{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DD9592D5FCED6170937C7970E93D28D1,SHA256=2006D436195BE85402EEEA9D08FB396A484B0655E41C3CF8CC1E082BF343E427,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:09.903{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1A8D02BC46EDFDE349E472DC665527DF,SHA256=3672DBD08D0D5F0B4EF26CD90DACF1478F394E50A1BE97EE22997313A068FEC9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178052Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:09.908{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F5588DDAA5D3D1086F6F843E9AE3265A,SHA256=AE2CF35FA358073E9E753D9AD8F01834850EA43514D853E90E7280D2AE159A72,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:10.908{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AB066AF1F5082DC1001ABEFFB7A59E51,SHA256=7263534593AA15895FD879ECB47AA5C8968525610706B259AE2ADE98C744D12F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178053Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:10.939{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0C90D5FF9B3B71C0220EBC73F185473C,SHA256=A67ACCACCE115AF86410EA1713F0CDE76BA620CD2461D085EEB8B9980C51B3F4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178055Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:11.939{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2268A35A41B6E76E04A0D2EBD3394D9A,SHA256=9D7C1367627CBDAB8AAEFB571BA22A5D1BAB83EEDCA153E86322823FD94B6D4F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:11.917{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3EA5E9E051223DDE3A20BAF37B48F38A,SHA256=32B572ECAB817F2E9A1D26A88E2A198FB57E2604CDF72D9AF1E03E22E89DFB79,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:10.137{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64963-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000178054Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:09.173{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53300-false10.0.1.12-8000- 23542300x8000000000000000178056Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:12.986{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=465AC1BC8AA66E3E016F885E55F1089C,SHA256=F40C32932A7B167788884E821609637D7432E382089ADD64C74A8644DC678985,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:12.925{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8F1EEB3D0212176638C8B10A597642C2,SHA256=FF7CFB07A67828EC1159DE1D104C3198939DD5E2E11AD054214C0285270673C7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:13.940{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=916C17B8F3FCA523EB02C6401D288286,SHA256=90B07B4ED7EF624BA59F8D3318AA7943B246C3D075A94A65355DDC9982B8BAAF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178057Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:13.939{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=418FA5BF1DE93468CDF69F6413749207,SHA256=176F6D5065A55A2516FD34D41AD64D2D1EDBF68446F0C3FDA8C8082787746B10,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:14.942{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=254EE9DFE6978927077D2981B0B5B18B,SHA256=EFF1F38F909F5B2BF3852A8E5E797281C5737F0D499915765EF60853531BC1A4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178068Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:14.095{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DC1362139701B13E4F2B9BE7268764AB,SHA256=51C7EF921EF80FB270697E4F4A3726868ED946E3CB2AD49CB4BF6563F6E09BD8,IMPHASH=00000000000000000000000000000000falsetrue 13241300x8000000000000000178067Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000178066Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x011a1977) 13241300x8000000000000000178065Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2e-0x59f524ef) 13241300x8000000000000000178064Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d36-0xbbb98cef) 13241300x8000000000000000178063Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d3f-0x1d7df4ef) 13241300x8000000000000000178062Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000178061Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x011a1977) 13241300x8000000000000000178060Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2e-0x59f524ef) 13241300x8000000000000000178059Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d36-0xbbb98cef) 13241300x8000000000000000178058Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:16:14.017{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d3f-0x1d7df4ef) 23542300x8000000000000000247368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:15.943{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=43548D42061083DAE695E9D543DFEBC9,SHA256=02AE340988BDA37B395F1CFEB9D45295F9A1743DE07E45E11F10EC64D2E68C1C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178069Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:15.142{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8732EF14918B9D6D8072BCBD65CB4017,SHA256=CB89506D50408606CE00EBDAD2765CB93ED1A674F33F1A71FB8652F79E4F8F6D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:16.948{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5EC3141A51355820CDCB4D9B9A5A7D89,SHA256=3E56ADC398ACF09F5D3EBCDC1D68655CC686D4EC09D85DB66A28909E54C7B95F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178070Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:16.173{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1E79313E073173A5A4FE77B151E19CD0,SHA256=7D26E1726795E098A82731B2D2EE5CA86B945BA8264A4FFAE7D05E2DC40B0C0E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:17.953{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2BAE9209749BACE87DDF8498798A3196,SHA256=9F616DC2DC87DE9B13E6022ED70793B3E3D2E1DF63CD933AD38FDAD31D49EC23,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178072Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:15.158{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53301-false10.0.1.12-8000- 23542300x8000000000000000178071Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:17.174{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BFA38E77E6041B0CD1057E251FC18571,SHA256=8CC4CEAECA57357D144A1A21940E02D900E080146A949B6EE09428B4C97FDB88,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:15.191{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64964-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000178073Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:18.174{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7A17588AD89676338FB24F8F9D783863,SHA256=93EEBB5A76E2E18686B413C1281042DA3559E90C5B845469A500A0DFB6C36F65,IMPHASH=00000000000000000000000000000000falsetrue 18141800x8000000000000000247397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:18.673{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.2068201341529320804C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:18.673{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.2068201341529320804C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000247395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.647{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-299MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 18141800x8000000000000000247394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:18.638{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.4217431782065626535C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:18.622{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.4217431782065626535C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 10341000x8000000000000000247392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.622{ED6274ED-0D90-61E8-F109-000000002302}70007832C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x101451C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+10eaefa|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+edd422|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfed3|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfd8b|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15dc831|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d80a63|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cee703|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cedaac|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+27cd3de|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cf6bd2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1176147|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2caf72c 10341000x8000000000000000247391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.622{ED6274ED-0D90-61E8-F109-000000002302}70007832C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x101451C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+10eaefa|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+edd422|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfed3|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfd8b|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15dc831|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d80a63|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cee703|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cedaac|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+27cd3de|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cf6bd2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1176147|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2caf72c 10341000x8000000000000000247390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.622{ED6274ED-0D90-61E8-F109-000000002302}70007832C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x101451C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+10eaefa|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+edd422|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfed3|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfd8b|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15dc831|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d80a63|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cee703|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cedaac|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+27cd3de|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cf6bd2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1176147|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2caf72c 10341000x8000000000000000247389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.622{ED6274ED-0D90-61E8-F109-000000002302}70007832C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x101451C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+10eaefa|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+edd422|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfed3|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfd8b|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15dc831|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d80a63|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cee703|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cedaac|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+27cd3de|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cf6bd2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1176147|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2caf72c 10341000x8000000000000000247388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.622{ED6274ED-0D90-61E8-F109-000000002302}70007832C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x101451C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+10eaefa|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+edd422|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfed3|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+11cfd8b|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15dc831|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d80a63|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cee703|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2d7b443|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cedaac|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+27cd3de|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2cf6bd2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1176147|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2caf72c 10341000x8000000000000000247387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.622{ED6274ED-0D91-61E8-F309-000000002302}63488032C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1f3fffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1aaf332|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1aaf096|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 18141800x8000000000000000247386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:18.622{ED6274ED-0F22-61E8-480A-000000002302}7988\crashpad_7000_NYMDCECJGBDLEUVNC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 354300x8000000000000000247385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:16.729{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local49776-false162.159.133.233-443https 354300x8000000000000000247384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:16.726{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local63667- 18141800x8000000000000000247383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:18.470{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.141092122340619443C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:18.470{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.141092122340619443C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 10341000x8000000000000000247381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.457{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.444{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.444{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.443{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.443{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.442{ED6274ED-0D90-61E8-F109-000000002302}70007888C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+159ded(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1bd7233|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+17502e4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1330bd9|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+6a5c8e|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+e0d0ab|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+b93eb9|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2caf72c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1abbd83|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2e6dfc6|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2fa0a09|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1f35275|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+10ed983 154100x8000000000000000247375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.442{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe1.0.9003DiscordDiscordDiscord Inc.Discord.exe"C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1452,9271703145533476488,5066150233476241661,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-compositing --lang=en-US --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\resources\app.asar" --enable-sandbox --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3084 /prefetch:1 --enable-node-leakage-in-renderersC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932LowMD5=1C13935AEFF94D2473978482644CC599,SHA256=688709B3754C5446702062DFF138369DF87B5C21C865D40430628890B95F66DB,IMPHASH=5D7A734E608F216C0FFB097FFEF8C434{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe"C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe" --squirrel-firstrun 10341000x8000000000000000247374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.442{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 18141800x8000000000000000247373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:18.304{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.3380.10188206526320424565C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:18.304{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.3380.10188206526320424565C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000178074Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:19.189{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E9789B5A3A99850EFBBE80F181BB597D,SHA256=29C58F6F190C07001EEF043A5C79B348F4B4F5FE3D682ADEAFC44259E4C02B2C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.744{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local54840-false104.16.168.131-443https 22542200x8000000000000000247408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.314{ED6274ED-0D92-61E8-F709-000000002302}7808newassets.hcaptcha.com0104.16.168.131;104.16.169.131;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 22542200x8000000000000000247407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.213{ED6274ED-0D92-61E8-F709-000000002302}7808hcaptcha.com0104.16.168.131;104.16.169.131;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 22542200x8000000000000000247406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:16.663{ED6274ED-0D92-61E8-F709-000000002302}7808discordapp.com0162.159.133.233;162.159.134.233;162.159.135.233;162.159.129.233;162.159.130.233;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000247405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:19.640{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-300MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.618{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50469- 354300x8000000000000000247403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.376{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52734- 354300x8000000000000000247402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.283{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local57697-false104.16.168.131-443https 354300x8000000000000000247401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:18.274{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52005- 23542300x8000000000000000247400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:19.461{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6D4D80498879AE201AD18F3AE4BC493C,SHA256=1877BD9E853E9EA90FBBCCE790986B3292ACD33162B92F86D43D32C42EC7CA7F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:19.457{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F8AE3F7F4093BFA9C65C11594A690F32,SHA256=E79151CA7DD9D0EF99BDC55E9ED482BBCB4C862AB5013D57D863214C7C5DD303,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:19.281{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F770FBF9562AAD082904492BD094D211,SHA256=0D841C8093479EAAAEB66A7B1E3ABE90DB61FF31498B6ACD0C6CC2A65A45D8C0,IMPHASH=00000000000000000000000000000000falsetrue 534500x8000000000000000247411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:20.704{ED6274ED-0F22-61E8-480A-000000002302}7988C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000247410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:20.306{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F4B5CABB424D0502A4677E27D6232391,SHA256=6D6633DB1B4ECDC08360731DC3A2D9ED951A1E6565A559CBF1804A7E9C364FB6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178075Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:20.205{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E9C45FCCAAAD9A2A2D8326E0D00550A8,SHA256=409ABA6B72ACB817B78081C786C1DDB2F58E6BFAA4412BC8E972B92348124002,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:21.925{ED6274ED-C6F2-61E7-0D00-000000002302}9004872C:\Windows\system32\svchost.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:21.925{ED6274ED-C6F2-61E7-0D00-000000002302}9004872C:\Windows\system32\svchost.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:21.925{ED6274ED-C6F2-61E7-0D00-000000002302}9004872C:\Windows\system32\svchost.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000247412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:21.310{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F0BE4D021BFE6B11166C6CE38E55EF9B,SHA256=9A3B1245DC8F13C88A28746AE6AC9DC9CFAC706E34499D925E60F848D80E4E46,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178076Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:21.220{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=12FAD84A23EE5327C30A5F4E55795787,SHA256=0DE1C9F3B2A0717D38A750ACD59B700946C27F52F6BA1D109EC70C33900CCEF9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178104Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F26-61E8-FE08-000000002402}1724C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178103Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-0F26-61E8-FE08-000000002402}1724C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178102Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178101Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178100Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178099Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178098Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178097Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178096Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178095Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178094Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178093Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.892{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F26-61E8-FE08-000000002402}1724C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178092Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.893{F0653C0F-0F26-61E8-FE08-000000002402}1724C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000178091Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.705{F0653C0F-0F26-61E8-FD08-000000002402}14323276C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178090Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F26-61E8-FD08-000000002402}1432C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178089Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178088Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178087Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178086Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178085Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178084Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178083Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178082Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178081Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178080Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-0F26-61E8-FD08-000000002402}1432C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178079Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.392{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F26-61E8-FD08-000000002402}1432C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178078Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.393{F0653C0F-0F26-61E8-FD08-000000002402}1432C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178077Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:22.236{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=60E361E819835E039E9770A1CCD805F3,SHA256=5FE4D45EA85414A32549AAA5BDD4B0A9F212C3694AB95F7BDAED8AFBAADE39BB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:22.354{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F6DE7580729C7D8BDDB84D8776CF705F,SHA256=F01AD36B2DBD56601EBB7F64F55BA79899EACDCEF06830D2A3FF7A49C0EF20F4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:22.053{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=0B465717B754F0A94FAFB91767FFF9FB,SHA256=1165F368396C6AD8F5B7A8BE135FD2C7C278F9783CBD1A06F2995BD172BBD7FF,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178121Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:21.048{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53302-false10.0.1.12-8000- 23542300x8000000000000000178120Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.689{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6E185D928FBCDDF760B86C1AF61A45BC,SHA256=FA3CF490ADC5E24229E70B6B65502CEE44BE9DE8D6579F7A0EC684993A50AA08,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178119Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.689{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EC0C698873887D95E9C597A3812B4581,SHA256=261B07646114B99F373E613923D2BF94DA3EA9636698A972D622D6FA74E3C094,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178118Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.689{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=9F764DED4E9B77DA14276F38444DDA87,SHA256=AA9AAB7593FFEBE31F20F851DDBC1C9A73E6D900F99CF569AEA1E648D4FA2380,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178117Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F27-61E8-FF08-000000002402}3408C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178116Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178115Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178114Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178113Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178112Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178111Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178110Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178109Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178108Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178107Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0F27-61E8-FF08-000000002402}3408C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178106Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.392{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F27-61E8-FF08-000000002402}3408C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178105Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:23.393{F0653C0F-0F27-61E8-FF08-000000002402}3408C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000247463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.630{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4897EDA00B4ECB1EA1D483FDD0C78135,SHA256=D25A7928BC31AD84D96562DD4356A87184B321D0FA792A33A449F51503FE006B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000247462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:21.179{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local57698-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 13241300x8000000000000000247461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT1060,RunKeySetValue2022-01-19 13:16:23.397{ED6274ED-0F27-61E8-4B0A-000000002302}7896C:\Windows\SysWOW64\reg.exeHKU\S-1-5-21-1045181283-1041755688-4012098945-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\DiscordC:\Users\Administrator\AppData\Local\Discord\Update.exe --processStart Discord.exe 10341000x8000000000000000247460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.376{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-0F27-61E8-4C0A-000000002302}7012C:\Windows\system32\conhost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.376{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-0F27-61E8-4C0A-000000002302}7012C:\Windows\system32\conhost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.371{ED6274ED-0F27-61E8-4C0A-000000002302}70127868C:\Windows\system32\conhost.exe{ED6274ED-0F27-61E8-4B0A-000000002302}7896C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.358{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-0F27-61E8-4C0A-000000002302}7012C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.355{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-0F27-61E8-4C0A-000000002302}7012C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.341{ED6274ED-C837-61E7-A600-000000002302}34043476C:\Windows\system32\csrss.exe{ED6274ED-0F27-61E8-4B0A-000000002302}7896C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.339{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.339{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.339{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.338{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.336{ED6274ED-0D90-61E8-F109-000000002302}70003380C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F27-61E8-4B0A-000000002302}7896C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+d7f5c(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1a7b17e|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1a24434|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2882928|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2bde7f7|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2 154100x8000000000000000247449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.337{ED6274ED-0F27-61E8-4B0A-000000002302}7896C:\Windows\SysWOW64\reg.exe10.0.14393.0 (rs1_release.160715-1616)Registry Console ToolMicrosoft® Windows® Operating SystemMicrosoft Corporationreg.exeC:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "C:\Users\Administrator\AppData\Local\Discord\Update.exe --processStart Discord.exe" /fC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=ECB768001DC8424E9B1FF3AC1E89C937,SHA256=CBB9F8D012CB0AF2CA87AC74ABB5C77A7743C64697C8D92104D3EBA27A699AB0,IMPHASH=7EF58A970E6E6D04FE3D5D7732CF5BAA{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe"C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe" --squirrel-firstrun 10341000x8000000000000000247448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.336{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-0F27-61E8-4B0A-000000002302}7896C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 18141800x8000000000000000247447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.335{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\2152EA70-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.335{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\2152EA70-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 18141800x8000000000000000247445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.335{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\21414F30-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.335{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\21414F30-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 18141800x8000000000000000247443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.335{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\214EDEF0-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.335{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\214EDEF0-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 10341000x8000000000000000247441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.317{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-0F27-61E8-4A0A-000000002302}8048C:\Windows\system32\conhost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.317{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-0F27-61E8-4A0A-000000002302}8048C:\Windows\system32\conhost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.310{ED6274ED-0F27-61E8-4A0A-000000002302}80487616C:\Windows\system32\conhost.exe{ED6274ED-0F27-61E8-490A-000000002302}7908C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000247438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.305{ED6274ED-0D90-61E8-F109-000000002302}7000ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Local\Discord\installer.db-journalMD5=C91C88772B6E504B4C1C8C56761ACBA4,SHA256=7BC4FDD857924D61A4B5B4389BE2156D3E20756AE7C064CDEF7CF8F5857FE8BA,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.292{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-0F27-61E8-4A0A-000000002302}8048C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.289{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-0F27-61E8-4A0A-000000002302}8048C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 18141800x8000000000000000247435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.288{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.8005310922627619329C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.288{ED6274ED-0D90-61E8-F109-000000002302}7000\mojo.7000.7832.8005310922627619329C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 18141800x8000000000000000247433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.286{ED6274ED-0D95-61E8-000A-000000002302}7304\chrome.sync.7304.3672.3818043539C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.286{ED6274ED-0D95-61E8-000A-000000002302}7304\chrome.sync.7304.3672.3818043539C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 10341000x8000000000000000247431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.276{ED6274ED-C837-61E7-A600-000000002302}34043476C:\Windows\system32\csrss.exe{ED6274ED-0F27-61E8-490A-000000002302}7908C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.268{ED6274ED-0D90-61E8-F109-000000002302}70003380C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F27-61E8-490A-000000002302}7908C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+d7f5c(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1a7b17e|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+1a24434|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2882928|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2bde7f7|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+2b874f2 154100x8000000000000000247425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.267{ED6274ED-0F27-61E8-490A-000000002302}7908C:\Windows\SysWOW64\reg.exe10.0.14393.0 (rs1_release.160715-1616)Registry Console ToolMicrosoft® Windows® Operating SystemMicrosoft Corporationreg.exeC:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v DiscordC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=ECB768001DC8424E9B1FF3AC1E89C937,SHA256=CBB9F8D012CB0AF2CA87AC74ABB5C77A7743C64697C8D92104D3EBA27A699AB0,IMPHASH=7EF58A970E6E6D04FE3D5D7732CF5BAA{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe"C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe" --squirrel-firstrun 10341000x8000000000000000247424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.267{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-0F27-61E8-490A-000000002302}7908C:\Windows\SysWOW64\reg.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 18141800x8000000000000000247423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.266{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\21414F30-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.266{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\21414F30-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 18141800x8000000000000000247421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.266{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\214EDEF0-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.266{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\214EDEF0-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 18141800x8000000000000000247419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-ConnectPipe2022-01-19 13:16:23.266{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\214EBDB0-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 17141700x8000000000000000247418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:16:23.266{ED6274ED-0D90-61E8-F109-000000002302}7000\uv\214EBDB0-7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000178122Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:24.580{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=65EE11CF94C6F448BEAD190EC16640D5,SHA256=3D172D95F57905911DB027A3B399B750261294FB1158B5FA4948286DB077DA5B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.998{ED6274ED-0D90-61E8-F109-000000002302}7000ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Local\Discord\installer.db-journalMD5=99729D28DF1AA441F1EAD2F2B8F9A71C,SHA256=CBB6EBADC5037609426A11DC4BFA32A038E729C69A668F047196C4EF9EB17664,IMPHASH=00000000000000000000000000000000falsetrue 11241100x8000000000000000247897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localDLL2022-01-19 13:16:24.928{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_modules-1\discord_modules\2b6f62ed4f4\discord_aegis_x86.dll2022-01-19 13:16:24.926 11241100x8000000000000000247896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localDLL2022-01-19 13:16:24.925{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_modules-1\discord_modules\2b6f62ed4f4\discord_aegis_x64.dll2022-01-19 13:16:24.925 11241100x8000000000000000247895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localDLL2022-01-19 13:16:24.889{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_modules-1\discord_modules\2b6f62ed4f4\2\discord_game_sdk_x86.dll2022-01-19 13:16:24.888 11241100x8000000000000000247894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localDLL2022-01-19 13:16:24.885{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_modules-1\discord_modules\2b6f62ed4f4\2\discord_game_sdk_x64.dll2022-01-19 13:16:24.885 354300x8000000000000000247893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.750{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local50697-false162.159.136.232-443https 354300x8000000000000000247892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.745{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local56618- 23542300x8000000000000000247891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.801{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6026919B75240F0272E0221C6925A84C,SHA256=E7F56606FEAD89C53F3E27029508D1E4C1A2171707481575E6C2C9CD95172BDF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.759{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.758{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.758{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.757{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.757{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.756{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.756{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.756{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.755{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.755{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.755{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.754{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.753{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.753{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.752{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.752{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.752{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.751{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.750{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.750{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.750{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.749{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.748{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.747{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.746{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.746{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.745{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.745{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.744{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.744{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.743{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.742{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.741{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.740{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.740{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C838-61E7-A900-000000002302}3024C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.739{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.738{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.738{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.737{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.737{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000247850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.737{ED6274ED-0D90-61E8-F109-000000002302}7000ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Local\Discord\installer.db-journalMD5=50FE239533969FA3FAEF8510AC5B64F6,SHA256=A0876B4CBB5CACB5D321AD2E78C666DE1D7340BFAFB0E5AFF3358F14D994B36D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.736{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.736{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.735{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.735{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2E00-000000002302}2420C:\Windows\system32\wbem\unsecapp.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.735{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.734{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.734{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.732{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.732{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.731{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.731{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.730{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.730{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.729{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.729{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.728{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.727{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.727{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.726{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.726{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.726{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.725{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.724{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.724{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.724{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0F00-000000002302}1016C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.723{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.722{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.722{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.722{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.720{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.711{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.704{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.703{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.703{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.702{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.700{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.696{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.693{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.693{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.690{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.690{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.681{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.680{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.677{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.676{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.675{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.675{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.670{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.669{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.669{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.668{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.664{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.664{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.663{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.662{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.662{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.661{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.661{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.661{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.660{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.659{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.659{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.658{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.658{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.656{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.655{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C838-61E7-A900-000000002302}3024C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.654{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000247782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.654{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4440126066899E7E4F4041B490E55FBC,SHA256=D7078C14E1B9C2B282A8ECE6FF0EB24CBC98F4031F1BE7A8F45CDA0F9FE390E9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.653{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.652{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.652{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.651{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.650{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000247776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.649{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=930D94B7514D7C9E86C017EAE0546400,SHA256=3FB714312FC783CE7D06D7AD46FBE48BF1462A6C8D3E98BB37D5A263E39F4ECC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.649{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.648{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.648{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2E00-000000002302}2420C:\Windows\system32\wbem\unsecapp.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000247772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.648{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6D4D80498879AE201AD18F3AE4BC493C,SHA256=1877BD9E853E9EA90FBBCCE790986B3292ACD33162B92F86D43D32C42EC7CA7F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.647{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.647{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.646{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.645{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.644{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.643{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.643{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.642{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.642{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.641{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.640{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.640{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.639{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.638{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.638{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.638{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.637{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.637{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.636{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.636{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.635{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0F00-000000002302}1016C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.635{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.634{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.634{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.633{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.632{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.612{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.606{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.605{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.605{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.605{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.604{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.604{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.603{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.603{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.602{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.602{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 354300x8000000000000000247734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.285{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local56406-false162.159.130.234-443https 354300x8000000000000000247733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.280{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local65286- 354300x8000000000000000247732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.264{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local57699-false162.159.128.232-443https 10341000x8000000000000000247731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.601{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.601{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.600{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.600{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.599{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.599{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.598{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.598{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.598{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.597{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.597{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.596{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.591{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.586{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.583{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.583{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.582{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.573{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.573{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.572{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.563{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.562{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.562{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.560{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.560{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C838-61E7-A900-000000002302}3024C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.560{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.559{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.558{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.558{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.557{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.557{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.557{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.556{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.556{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2E00-000000002302}2420C:\Windows\system32\wbem\unsecapp.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.555{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.555{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.555{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.553{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.553{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.553{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.552{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.551{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.550{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.549{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.549{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.548{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.547{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.547{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.547{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.546{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.546{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.545{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.545{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.545{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.544{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0F00-000000002302}1016C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.544{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.543{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.542{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.542{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.541{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.517{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.491{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.491{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.491{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.490{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.490{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.489{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.489{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.488{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.480{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.479{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.479{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.478{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.477{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.477{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.476{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.470{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.464{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.463{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.463{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.462{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.462{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.461{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.460{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.459{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.458{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.454{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.453{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.452{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.451{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.450{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.450{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.449{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.448{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.447{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.447{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C838-61E7-A900-000000002302}3024C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.445{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.444{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.443{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.443{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.442{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.442{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.442{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.441{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.441{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2E00-000000002302}2420C:\Windows\system32\wbem\unsecapp.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.440{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.440{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.440{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.438{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.438{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.437{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.437{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.436{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.436{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.436{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.435{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.435{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.434{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.433{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.433{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.433{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.430{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.429{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.426{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.426{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.423{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0F00-000000002302}1016C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.423{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.423{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.422{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.413{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.410{ED6274ED-0F28-61E8-4D0A-000000002302}42127548C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000247600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.362{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.362{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.361{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000247597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.219{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local55221- 10341000x8000000000000000247596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.283{ED6274ED-C6F3-61E7-1600-000000002302}12167836C:\Windows\system32\svchost.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x101541C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\wmiprvsd.dll+20fee|C:\Windows\system32\wbem\wmiprvsd.dll+43f7|C:\Windows\system32\wbem\wmiprvsd.dll+15538|C:\Windows\system32\wbem\wmiprvsd.dll+1498a|C:\Windows\system32\wbem\wmiprvsd.dll+146e6|C:\Windows\system32\wbem\wmiprvsd.dll+140fe|C:\Windows\system32\wbem\wbemcore.dll+b920|C:\Windows\system32\wbem\wbemcore.dll+255ff|C:\Windows\system32\wbem\wbemcore.dll+24a9a|C:\Windows\system32\wbem\wbemcore.dll+2485e|C:\Windows\system32\wbem\wbemcore.dll+2685b|C:\Windows\system32\wbem\wbemcore.dll+22b78|C:\Windows\system32\wbem\wbemcore.dll+22a19|C:\Windows\system32\wbem\wbemcore.dll+21f5a|C:\Windows\system32\wbem\wbemcore.dll+22711|C:\Windows\system32\wbem\wbemcore.dll+2d78c|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.258{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.234{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000247593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.233{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0F28-61E8-4D0A-000000002302}4212C:\Windows\system32\wbem\wmiprvse.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|c:\windows\system32\rpcss.dll+366d9|c:\windows\system32\rpcss.dll+3bec2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.227{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f86b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.227{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f71b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.226{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+1b8ad|C:\Windows\system32\lsasrv.dll+2878b|C:\Windows\SYSTEM32\SspiSrv.dll+1467|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000247589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+316f1(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+316f1(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.217{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+316f1(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.216{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+316f1(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.215{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.213{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000247515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af 10341000x8000000000000000247490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.203{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.203{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.203{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.201{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.201{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.201{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.201{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.201{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.201{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.200{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.200{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.200{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.200{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.200{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.200{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.200{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.199{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64) 10341000x8000000000000000247466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.199{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+694b(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+1d6b8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+407c7(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150f91c|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+15100af|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64) 22542200x8000000000000000247465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.197{ED6274ED-0D90-61E8-F109-000000002302}7000dl.discordapp.net0::ffff:162.159.128.232;::ffff:162.159.130.232;::ffff:162.159.134.232;::ffff:162.159.133.232;::ffff:162.159.129.232;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 22542200x8000000000000000247464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.155{ED6274ED-0D92-61E8-F709-000000002302}7808cdn.discordapp.com0162.159.134.233;162.159.133.233;162.159.129.233;162.159.130.233;162.159.135.233;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000178123Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:25.611{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2909C9DEFBF435AADBDD31BEB06FD102,SHA256=C08FC93B9B1F2014F74BA4580AE5991A671CAC050727B012817D9FE274711C3F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:25.819{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=23051167A8C025D6766AD418C484DF39,SHA256=C942036CB84017AB6D46927C88735D935FCA70674598081DA040DDBF56D40BE1,IMPHASH=00000000000000000000000000000000falsetrue 22542200x8000000000000000247899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.217{ED6274ED-0D92-61E8-F709-000000002302}7808gateway.discord.gg0162.159.130.234;162.159.135.234;162.159.134.234;162.159.136.234;162.159.133.234;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 354300x8000000000000000247904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.661{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local56135- 354300x8000000000000000247903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:24.660{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64990- 23542300x8000000000000000247902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:26.835{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FB9D3E6B5CDE4C1F0D8BEF3990ECFC67,SHA256=DE9D0C591D645C4D822A6331DA2C81B7B60709D6A8B73181FD72A90E2B8ED68C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178138Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.908{F0653C0F-0F2A-61E8-0009-000000002402}40003724C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178137Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F2A-61E8-0009-000000002402}4000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178136Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178135Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178134Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178133Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178132Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178131Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178130Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178129Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178128Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178127Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0F2A-61E8-0009-000000002402}4000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178126Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.642{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F2A-61E8-0009-000000002402}4000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178125Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.643{F0653C0F-0F2A-61E8-0009-000000002402}4000C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178124Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.627{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B78CD9121B278D8D36D4AD439EEDC15C,SHA256=9CBF05EFD0547524B5A70B5EE56E37671DC6BA9D4E0195D35B24959C84B2A123,IMPHASH=00000000000000000000000000000000falsetrue 22542200x8000000000000000247901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:23.684{ED6274ED-0D92-61E8-F709-000000002302}7808status.discord.com0162.159.136.232;162.159.128.233;162.159.135.232;162.159.137.232;162.159.138.232;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 10341000x8000000000000000178168Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.955{F0653C0F-0F2B-61E8-0209-000000002402}34802952C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178167Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.752{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6E185D928FBCDDF760B86C1AF61A45BC,SHA256=FA3CF490ADC5E24229E70B6B65502CEE44BE9DE8D6579F7A0EC684993A50AA08,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178166Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F2B-61E8-0209-000000002402}3480C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178165Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0F2B-61E8-0209-000000002402}3480C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178164Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178163Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178162Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178161Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178160Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178159Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178158Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178157Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178156Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178155Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F2B-61E8-0209-000000002402}3480C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178154Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.739{F0653C0F-0F2B-61E8-0209-000000002402}3480C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178153Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.736{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=78DCFDB2759BA96E643529FFF2B47949,SHA256=6E96553964857C99C04FAEABA3D4BF5D8A1F171509B16FEC26BAF2458D51540D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:27.842{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=05E1465671AF37A73E492F5C84B4548D,SHA256=1463033A5909D07B87C5AF11D5C4867F27476587C0AB9834A41C4E9134BE0082,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178152Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.330{F0653C0F-0F2B-61E8-0109-000000002402}21161680C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178151Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F2B-61E8-0109-000000002402}2116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178150Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178149Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178148Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178147Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178146Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178145Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178144Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178143Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178142Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178141Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0F2B-61E8-0109-000000002402}2116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178140Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.142{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F2B-61E8-0109-000000002402}2116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178139Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:27.143{F0653C0F-0F2B-61E8-0109-000000002402}2116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178170Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:28.955{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=51FA72C7BC1B6CFCB5E9B9298750EAEF,SHA256=9D67A82035432B386A70B90AB31DEF91A86894821608BC51B7083BB7FF152BDF,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178169Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:26.970{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53303-false10.0.1.12-8000- 354300x8000000000000000247909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:27.149{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local50698-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000247908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:28.848{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B834CA2EA342DD87387B93D2237DE3A9,SHA256=E15E4814CBBD15564B5E7FDC3F08DBF7DB1BB95B872740C5D9CDD9CA95FE1A8E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000247907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:28.226{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\TransportSecurity~RF11a49af.TMPMD5=E1380D00EDF440F6378CA7081246A58F,SHA256=EF8B138E7AA06DFD71E00214A2260A8A7894AFF486F78C3232DAA2D3FF3AA5AC,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000247906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:16:28.215{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\a2e4c7ae-52b2-4f71-8d56-2a039966a154.tmp2022-01-19 13:09:50.0402022-01-19 13:16:28.198 23542300x8000000000000000178184Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.955{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FEE129B3E1F0D8DC8E98BB46C7073905,SHA256=9FAFC9F5B52E8022822F91579BF1A81DC420EABD405344147CCFE25D8929502B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.919{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=181C734B467D4FA74A7A0590FE094910,SHA256=DB5F5806A5689DB9D5E624E2270408D138569F6904DDC0CA1019503EEF99EE23,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.903{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7895DF0E2E3849FF79A35377E526881E,SHA256=1141AE676EE73AF89A72BD899B6C800BD84140E2A1BF288F204453674DF3DF04,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178183Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F2D-61E8-0309-000000002402}508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178182Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178181Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178180Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178179Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178178Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178177Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178176Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178175Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178174Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178173Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0F2D-61E8-0309-000000002402}508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178172Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F2D-61E8-0309-000000002402}508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178171Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:29.002{F0653C0F-0F2D-61E8-0309-000000002402}508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000248021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000247960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000247949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.780{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=81475D629793FFD31F740D78EEB53EE2,SHA256=7383B486F50B536AD8B5E725109E6A1EAC207FAFBFB8583106BFF8292115BB42,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000247948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000247934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000247910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:29.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178186Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:30.970{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=17A8156DE15A6FE2CA4683695962B67D,SHA256=203CAB5B4C6980510B98DB164B0CE89DDF2F984AC40E845C572C558327C8C2EC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:30.915{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6CD5D4FFAE95B5C21DBF897EF9E1E306,SHA256=EB1E0DDA484F5329970B45F56603758C9D9479FD185B7E407F6CF53FF637ABC0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178185Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:30.111{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=833E32F437F3BCDB00DDC9CE10FA2429,SHA256=00ECBA8731207B5D34952728070AF1096D4C60DC53B645BAEF35E66978F24388,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178187Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:31.986{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=893F2303BC9F6456BFFE604D36124CAD,SHA256=C7E1E5AB7C8A0D3935842EB910289DD5926E2BAFF8648A911F0024096E5F9BDE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:31.920{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7CAB0E42D1FD05EAF8C5B605BAA7E286,SHA256=C9A1AF186846F28A106B7C86014FBCCC10E9858B4755337F0CF9B544DA751B5B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:32.930{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F0E15886576E99AD6924E129DCAA2BDB,SHA256=8390ED960DD6D0288C3C8F5B404BFB70975151512B31E0AE5ABDEE86746A8704,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:33.937{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2BD431BB5EA88C2632118641FF2E4572,SHA256=43E41CF3E6C2E8622A3D193948C247C6B2C29ADAA35ABE14FE17F5495C667739,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178188Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:33.034{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=39802B024B5836E57ECD36269C3FCB76,SHA256=7DB0BC6D128E1B8F596F7399D5C9D53E711CC75163B596651FA90B9D14F03A89,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178190Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:32.971{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53304-false10.0.1.12-8000- 23542300x8000000000000000178189Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:34.064{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AB1AD127CA600150104D405A0B72AE20,SHA256=5A8D44B0CDA49F805357FD84670E9453C59B0B90984A8721361C1B244C3F801B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:33.138{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local50699-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000248139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.797{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.793{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000248053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.778{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=416B4FE798A27FB6F22FD9C8080EC4A2,SHA256=B456C014A4AE6325AC471A3E316A850E8F4DD152B0CF00BBB58A938C3F5944D5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:34.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178191Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:35.267{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B9CF025031CC21EFC56084B60D89D149,SHA256=18984FA980BF37F173DC32C550D351211E9AC4C24E1945E760D16C9389A97FCC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:35.057{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6DE3A31535B92699F9BD136D465391AF,SHA256=79FA01F749F4DC21D54258F1547A82379F08E13E35677C1FB16A429BF40B84B4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:35.042{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BB5122F9A25C8777BA8AC444153A65E9,SHA256=2098C17E54CBE5FF43D287DA7978F54925C3968ECD9A52C5750CF01F87AF9360,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178192Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:36.298{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3E1558F9906F989E2DA8709CBCE77988,SHA256=573C7743CAFA21C5B54E5832F433E6923D74341B91EED50CDDEFC24D5159BDBC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:36.047{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D3462A9695674DCEAF8EBED3AD0B40A1,SHA256=561DDF94BCA93D42492D39B370143BDE3FAF583C926DCF017C1BAF4DC53C0BEC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178193Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:37.330{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=292AD9BD96535F141E9A5B7972FB1CAB,SHA256=AE485E8043C6628A3E3BDF7BD9154E3721D43A794DD46C0CA53D4F8B5C4EA6AE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:37.051{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C308A280C3C8EB21CDDF22481CF610A2,SHA256=BAA4C01F1E048FF433514E035A05582E6E5B560DDDAB4A3C57D0758F71D46F48,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178194Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:38.423{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CF4E53E5784675944B9E5BADE2BDB862,SHA256=31BF5B68413396C80D4BDFAE12020340820680CDD4C1D4C29A1A1E8573F3EA6C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:38.065{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3948D62A7A89C75A8410112346EC524B,SHA256=D9F9939CE1F4FA13C9DA5C9A88F406481A2C4C72C9DE06ACE8A7BEB1D10B767A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178195Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:39.439{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A622E344B3E7A97853BE28066A684C21,SHA256=7846C787A26CA55EC46EB22B0C8B0F2DA3ACAF71C03B90BF155D025D59582612,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000248195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=746DCA11073723DD5B121D8499B8DABD,SHA256=99F2CAF2A79EC752AFD4D9E43CF2ABF89EE427EC72E78E736C4A9A2F6305FB0B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000248146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.070{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=514B39A9399D0CC74D9217A6B17136FD,SHA256=91B2235FCF768F1421C771EDD97EC0B5BD624865D9CF463B00AC61719B10D88B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178197Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:40.455{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8C254AF97287D60B24B21A26B6534B32,SHA256=47DAB6642858BE626D2DFBF2BE6579DD98610246631F88AF3426B3D7965A4ED7,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:39.134{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local50700-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000248260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:40.177{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EC0FC58A45DA57A2D5557A0E38875F31,SHA256=A37078385DE27BED1E906E4ACE30F751BF985689DD34BB65503806A80E80C930,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:40.165{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=80E11FEAA541914F8CBC70F25A584256,SHA256=0280098FC0EA692D2776C8CE98102410664D3653B9847EB3671B58EFDE18A367,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178196Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:38.188{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53305-false10.0.1.12-8000- 23542300x8000000000000000178198Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:41.455{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6CC26EBA33CCFA0DDA9083010994DF0A,SHA256=B9706984B220EF07C0AA0AC0D5D12B59CEEF4D6B6C10677B99380413230D1C94,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:41.171{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=62E1A1E7C909F3E6199D7AB84ABDE66E,SHA256=28D9692A0A033220B9961CC72F644317E4E87E3EA9B83B1069B56AAF8030DA2B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178199Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:42.470{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A81A0668CEC984DE33A10C59B38DCEEF,SHA256=1DF00351D1F38CA2E2F1F96EDC75E586F6712309DF62D9CFA962854F443BCA23,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:42.191{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8A1E8B4E012BE04226CD7F5DB87530F3,SHA256=EA456532867D5F78ACAF2071F0BF4619E9652F95BACE762F904CC3070BB7F31F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178200Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:43.486{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8F10B523DE32CF84845C4832E3FC421A,SHA256=0D74BCAFB2D84366FCDBF46964F2072052593AA4CA7E043E0B2BF17DF5E7852F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:43.297{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\TransportSecurity~RF11a8495.TMPMD5=1546E32BB5BBD5AE352185A95D06F143,SHA256=FEF712E409CBDD74098A5A48BA249B174143ED3E6092D6F39C88091FFEF91933,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000248265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:16:43.296{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\25cdfc83-fe73-4498-b39c-b31c3dbd1962.tmp2022-01-19 13:09:50.0402022-01-19 13:16:43.268 23542300x8000000000000000248264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:43.194{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BA9097DD08DAFDA2C1DA175582693DF9,SHA256=F3D73A303663AAC010508239F1AE2E2E45978DB5555A0B98FE3DE297BFD33663,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.848{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A31B91ABC0E337A75CEF9984C305A267,SHA256=66B855C4180492D1BA9ED2EE804DA3038E4E3F01DC9EA1297975349F0D6BBA53,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178201Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:44.501{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=74820D1BA81F57A20BB9BF0D720C2E38,SHA256=634743AC935026BFDDA5CE871C8CBB9B7E50BFB1F0B061069CE031050E120EB7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000248321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=936B944FE95FFD88AB66CD512B654FD8,SHA256=72CF89BFD6EB28F9376D2EA6437941BA3AC49987EA9E78B4FAE06570D97EAFF6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000248267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:44.200{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2E60EFA8DD585D7A3ADA6EC34252AEA5,SHA256=E571C0CC6796BB9D1DF1E7D7BF822D3892AD4A1ADDED40CEACA7D5658FE39250,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178202Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:45.517{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D16592D082C1DCA9E24E59DAD02B2111,SHA256=23395F9D3FB887AA02B905B88693606F2D14365B47963DE10D98334F6347899C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:45.207{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6218A5E7F779E369331F28C35A5C0212,SHA256=A78ACD0332F923C2177D22BAFB87DDBAAABEBF69E067C9CD2304FFED8CF40161,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178204Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:44.157{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53306-false10.0.1.12-8000- 23542300x8000000000000000178203Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:46.533{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=31ABFA9A47A4CFE778827825B6FE2DD9,SHA256=4A0F33CC2159356D38EA01D04331813F8DA29AAF4505316DCC58D2809C0F33C6,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:45.074{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local50701-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000248382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:46.217{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=854249F0A58BE0EC6BEAD378B52ACCFF,SHA256=7388E5BCC1C88F6D362500329BAD8D02AF0FAE152C1BD13D4183CB6308943B0E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178205Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:47.533{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E6D71461EA9504A17CA59D30D9EA54EC,SHA256=680CAEF69B5E72E9AE36E80369085E9464AB076A687FEA006E9CF322ACB2A493,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:47.227{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\aborted-session-pingMD5=8A6345F07C7DDB18AE379A9803965F23,SHA256=80EF5E6A350FBC15EE7CA4905710D8E99A1D4F856F4481E953D1DD177A1F9C6D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:47.227{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=25A73D111433DDA97FDE013079744389,SHA256=2DFD3EB6E414C103EB847AD86EEF2C071832F0FEF94A80E2799D67D7F8CF7828,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178206Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:48.548{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AC901CC64E8FC7E3371956F1130C4771,SHA256=3A9E2E6185BED025CB4D26709DEEE690B2F46D0C052883911FA04317DFDBE05F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.834{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F40-61E8-4E0A-000000002302}5948C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.833{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.832{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.832{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.832{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.832{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0F40-61E8-4E0A-000000002302}5948C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000248388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.832{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F40-61E8-4E0A-000000002302}5948C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000248387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.830{ED6274ED-0F40-61E8-4E0A-000000002302}5948C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000248386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:48.240{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E391D401CF5A73B8A3EE11D5A175A2F9,SHA256=5EB53481472C42C539CA3347CA9209C224EB3A57565ECA1157DF652E33F735BA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178207Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:49.564{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1B15FAC985BF825E0A8414EE63A47264,SHA256=F1970120869A2A54A9F23BC572A0BABF124C7D2F9815876521389D52C1BE9F3F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.982{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=97D60BC65CC613BDE313D921687FF2A9,SHA256=628AE070D2B57161B47978AC7233BD6C2CF2CD23DE2C679D357682756A65DDC4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.977{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F41-61E8-500A-000000002302}6268C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.974{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.974{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.973{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.973{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F41-61E8-500A-000000002302}6268C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000248520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.973{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.973{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F41-61E8-500A-000000002302}6268C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000248518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.972{ED6274ED-0F41-61E8-500A-000000002302}6268C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000248517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.836{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=BDA9CDEDED870995103FCD4B62635F1D,SHA256=7610FB1E8AEA27D8EB0097C5426A6AD39CCF4D499BDB4B91B9ECDDBBFDC0D23E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.835{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=930D94B7514D7C9E86C017EAE0546400,SHA256=3FB714312FC783CE7D06D7AD46FBE48BF1462A6C8D3E98BB37D5A263E39F4ECC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.459{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F41-61E8-4F0A-000000002302}7048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.457{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.457{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.457{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.457{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.456{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F41-61E8-4F0A-000000002302}7048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000248398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.456{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F41-61E8-4F0A-000000002302}7048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000248397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.455{ED6274ED-0F41-61E8-4F0A-000000002302}7048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000248396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.258{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C9AA4F1E1CB71676185142E5CCA6B706,SHA256=B5063BF4D5F199095640680C819AE68D2574484913475F26D6DC15428EB506A2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.034{ED6274ED-0F40-61E8-4E0A-000000002302}59484632C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178208Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:50.580{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=665A209C88667767E362D026FE3386EB,SHA256=645D172C9B166E593B49EC4071A97BD81D05454CFF5099E198811D8C8A7F240E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.984{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=BDA9CDEDED870995103FCD4B62635F1D,SHA256=7610FB1E8AEA27D8EB0097C5426A6AD39CCF4D499BDB4B91B9ECDDBBFDC0D23E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.78.174-50003- 354300x8000000000000000248553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.78.169-50004- 354300x8000000000000000248552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false185.179.203.228-50004- 354300x8000000000000000248551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false185.179.203.229-50002- 354300x8000000000000000248550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false185.179.203.232-50002- 354300x8000000000000000248549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.66.106-50003- 354300x8000000000000000248548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.64.162-50002- 354300x8000000000000000248547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.65.141-50001- 354300x8000000000000000248546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.66.33-50004- 354300x8000000000000000248545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.66.113-50001- 354300x8000000000000000248544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false31.204.156.197-50004- 354300x8000000000000000248543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false31.204.156.212-50003- 354300x8000000000000000248542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false31.204.157.55-50001- 354300x8000000000000000248541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false31.204.156.210hosted-by.i3d.net50002- 354300x8000000000000000248540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false31.204.157.51-50004- 354300x8000000000000000248539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false109.200.195.27hosted-by.i3d.net50004- 354300x8000000000000000248538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false109.200.194.197-50003- 354300x8000000000000000248537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false109.200.195.32-50002- 354300x8000000000000000248536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false109.200.195.28-50002- 354300x8000000000000000248535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false109.200.195.25-50004- 354300x8000000000000000248534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false5.200.14.231-50001- 354300x8000000000000000248533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false5.200.14.186-50002- 354300x8000000000000000248532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false213.163.94.30-50003- 354300x8000000000000000248531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false188.122.75.170-50003- 354300x8000000000000000248530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.715{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64656-false213.163.93.34-50001- 354300x8000000000000000248529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.637{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60271-false162.159.130.235-443https 354300x8000000000000000248528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.628{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64655- 23542300x8000000000000000248527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.274{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CE993FC5ED78DD61D635ABACA0BE9B18,SHA256=D76AD195549A4150CC2A215AB6DD55C6FB1A1F878010FC871A0F474CF59B4D01,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61745- 354300x8000000000000000248599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-51531- 354300x8000000000000000248598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-50300- 354300x8000000000000000248597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-54216- 354300x8000000000000000248596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-64224- 354300x8000000000000000248595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-51090- 354300x8000000000000000248594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61746- 354300x8000000000000000248593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61744- 354300x8000000000000000248592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-50246- 354300x8000000000000000248591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61743- 354300x8000000000000000248590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-51193- 354300x8000000000000000248589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-51488- 354300x8000000000000000248588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.843{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-49498- 354300x8000000000000000248587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.842{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-50779- 354300x8000000000000000248586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.842{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61740- 354300x8000000000000000248585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.842{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-50193- 354300x8000000000000000248584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.842{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61741- 354300x8000000000000000248583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.842{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-52949- 354300x8000000000000000248582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.842{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-64315- 354300x8000000000000000248581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.841{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-62891- 354300x8000000000000000248580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.819{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local61748- 354300x8000000000000000248579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.819{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local61747- 354300x8000000000000000248578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local61746- 354300x8000000000000000248577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local61745- 354300x8000000000000000248576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local54216- 354300x8000000000000000248575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local62157- 354300x8000000000000000248574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51090- 354300x8000000000000000248573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50300- 354300x8000000000000000248572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64224- 354300x8000000000000000248571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51531- 354300x8000000000000000248570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51193- 354300x8000000000000000248569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local49498- 354300x8000000000000000248568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50969- 354300x8000000000000000248567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50246- 354300x8000000000000000248566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.818{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51488- 354300x8000000000000000248565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.817{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50193- 354300x8000000000000000248564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.817{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50779- 354300x8000000000000000248563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.817{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local61741- 354300x8000000000000000248562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.817{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52949- 354300x8000000000000000248561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.816{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64315- 354300x8000000000000000248560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.816{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51043- 354300x8000000000000000248559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.816{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local62891- 354300x8000000000000000248558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.296{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60272-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 22542200x8000000000000000248557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:49.569{ED6274ED-0D92-61E8-F709-000000002302}7808latency.discord.media0162.159.130.235;162.159.129.235;162.159.128.235;162.159.138.234;162.159.137.234;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000248556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:51.380{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5CE70BD70B9875055EDA49F5D7A6850F,SHA256=469A4CEBB5708B0881227F86A873DA0ED26B4DE8A1B0B2C853D2887923176909,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178209Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:51.595{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=80576340C3B06FFC638B38C11876E797,SHA256=497EA3CB504A2D3514D69AC23B9714A4CD5B2EAB28BEA01374345714386763C4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178213Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:52.940{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178212Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:52.596{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=38620CF5C2476BF7AC3B9A575790643D,SHA256=97D717DDD5DCF2FA31011DD5A7189E923EC675C7463CB5E58EFAD61D9E679AC2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.909{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F44-61E8-520A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.908{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.907{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.903{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.903{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F44-61E8-520A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000248615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.903{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.902{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F44-61E8-520A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000248613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.901{ED6274ED-0F44-61E8-520A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000248612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.900{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6F042C308AEBA8D153AFB8F3DF87143A,SHA256=0305CE9AA4550B8112FE935872C6CF93BA91BFB25D4F5FCC653138F1F4874CDD,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.844{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61748- 354300x8000000000000000248610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:50.844{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-61747- 10341000x8000000000000000248609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.488{ED6274ED-0F44-61E8-510A-000000002302}6841580C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.294{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F44-61E8-510A-000000002302}684C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.291{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.291{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.290{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.290{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.290{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F44-61E8-510A-000000002302}684C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000248602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.289{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F44-61E8-510A-000000002302}684C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000248601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:52.288{ED6274ED-0F44-61E8-510A-000000002302}684C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178211Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:52.568{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-300MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178210Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:50.095{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53307-false10.0.1.12-8000- 23542300x8000000000000000178215Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:53.610{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D15A7AB995060AC7171FDD5844560403,SHA256=5E5A7399B695B3A406EA3A796E72D572473491F71CF5DD4FEFC65ED8B88364BE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:53.497{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=82BE8416BC1F7D7E571AC5DAD9696191,SHA256=26C29419AB6C340CDEDFB40B29813245E94380647187BE2E85AA3AD1FD7CE1F7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178214Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:53.582{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-301MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:53.293{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=0AD8A2871D683ED7A30B73370F81EB01,SHA256=EA725EC29090806D49C020DB32245E94F3370F6D7C0D8F1AC2032B06772EDA93,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:53.107{ED6274ED-0F44-61E8-520A-000000002302}33687528C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178216Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:54.613{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E3F0EB031BC0E2221183D893573FB7FF,SHA256=D70920E36FE41A4B3E8FE7DDF305EFEACC5C8E616175E18958714424B265E72D,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:53.436{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60273-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000248747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:53.436{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60273-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 10341000x8000000000000000248746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.795{ED6274ED-0F46-61E8-530A-000000002302}62967504C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F46-61E8-530A-000000002302}6296C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.782{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.779{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.778{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.777{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.776{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.572{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F46-61E8-530A-000000002302}6296C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.571{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.570{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F46-61E8-530A-000000002302}6296C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000248627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.569{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F46-61E8-530A-000000002302}6296C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000248626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.568{ED6274ED-0F46-61E8-530A-000000002302}6296C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000248625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.500{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=91A35617F0A2F97D3B7EFBC3C3BFD670,SHA256=3467DD1B4C31FFA4DD9762A0D14AC2E7D0E86D09FD927D2843F887EFDD3CCD5C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:54.381{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=AD4DF8838EB0DA2D33FA9330741F82AC,SHA256=EE2F3A8E1BBC990FF22F05CAF4508C799E62DBD5325484C9D849269C97651F37,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178218Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:55.628{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B2D5D4F1B09AB16F5AB3EF202E01A017,SHA256=C51E3308B9CF1508B06E026CAD1C9C66CF897C4835744B949470F23E6EE4A639,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:55.574{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=A970E63FEE3EC228D37A6C3228793A2D,SHA256=519636866C8C7CB612B98EA3EF3CCC3B0F0841CC99691513B11918D68C34DA4F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:55.518{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C1F1E6E98E92CA8745657D619EB45227,SHA256=C6C736879A0DF96156547E989C528474A4CB754B2161329F90D150FCDEDFCCF8,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178217Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:52.861{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53308-false10.0.1.12-8089- 23542300x8000000000000000248749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:55.090{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D33E3CDB163B4CC5FBE5E874B246C3A9,SHA256=E04D505614CDA74983108AA8AA6DB070E72B0D3B765B52E97AFBFA7CC82D7850,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178219Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:56.644{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E8874EEE06879C9653AEC8844136BE6D,SHA256=806238A89020F92658662A96EDADF111E1252D5CC885769A62FBF37B1268ADFB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:56.524{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A75D6E920353136AC451DAEA25121705,SHA256=718A0A8FDEC7A2F098C9F66961876C8BF734919EFE639F2052819B9D758AF7F6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178220Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:57.660{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=366152F16E1923C766C97248FD9496A0,SHA256=DB771E9176D00EAA98219177755C08DC956DE5089775FB111BFADDCCB789E310,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:56.266{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60274-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000248762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.669{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F49-61E8-540A-000000002302}7756C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.653{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F49-61E8-540A-000000002302}7756C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000248760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.653{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.653{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.653{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.653{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000248756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.652{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F49-61E8-540A-000000002302}7756C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000248755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.651{ED6274ED-0F49-61E8-540A-000000002302}7756C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000248754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.532{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C1A1D7E8A8D193A2BDC354A10BCFFA04,SHA256=FF1E17B219BAB38E8894DFB184FEDF71D837B607D4824B3EAFF3B1FE1B5A9835,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.038{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178222Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:58.675{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3BC39C48C1FCF9483638F885B55ADE03,SHA256=ABA2B5BD1200B4C9919EE5DB6DD5B558550F61119FF3EEFBD21B5C72DF3FAF82,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000248768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:57.086{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60275-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 23542300x8000000000000000248767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:58.746{ED6274ED-0D90-61E8-F109-000000002302}7000ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index~RF11ac0e3.TMPMD5=A24E5FBAF76CF2C3F188F0D28C1C2AEC,SHA256=B0EEFB36C3C5E67D8F28F7A5017B302B6B5ECD9D808CE4366C72CB1B9D62AF63,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000248766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:16:58.743{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\Code Cache\js\index-dir\temp-index2022-01-19 13:09:38.0432022-01-19 13:16:58.742 23542300x8000000000000000248765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:58.655{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=214155902E21A4FB4E8935F9B7D79F9A,SHA256=699F1A0266C7E27F4E85330279EB6B2B483633DA2FCBEFE90275F67A5200F139,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:58.538{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ADFC8F6995C702C960B33E9CD3F818D8,SHA256=0D22CFD13FF2024109F14F568F1255046FC1CAF10AC1D1C8E40E586ABF2C4988,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178221Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:56.034{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53309-false10.0.1.12-8000- 23542300x8000000000000000178223Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:16:59.691{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9B770960D1C7247BF57154F70A974BB5,SHA256=B352DE0303FFE3C7D208867EE895D5B22E3548CD5AF559B2D8D49B789F410DDF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.894{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=12312055BEF501CCEC0ACA02717D2CEB,SHA256=BC0E4B6E46BF11F2C18B1E7F1927B5448F093595CBC253CDF37FBB3485E3EDE4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.818{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=51B19E9B5F585928AA3C9241337E3FC2,SHA256=B171A0E6897147A25FDF1C6FE1522389F943E24545E3501D4F3BFFAD491CA240,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.802{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000248817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D1BFF70031217FBD2D0F794739960F8D,SHA256=729347BC9847B164377ABCCE63EE0C958DEE576134D2A25DA09C615A589ED842,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.801{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.800{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.799{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.799{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.799{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.799{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.799{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.799{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.798{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.798{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.798{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000248771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.677{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\TransportSecurity~RF11ac48c.TMPMD5=A9F739ED419C9C1675242115FBE74B8D,SHA256=B36C0CD85E3A1B49779D5E421984B39064CC2E817AD31B7089F1301571FE695F,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000248770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:16:59.674{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\c80b46e9-24d5-4846-9714-52d47d1d8c2a.tmp2022-01-19 13:09:50.0402022-01-19 13:16:59.646 23542300x8000000000000000248769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:16:59.548{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B45C37DC02B71559590A4D943484EA42,SHA256=CD43AE54016077B5BECD817F59F781264F0EAEC6511CDB3465EC93528DCDD24B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:00.560{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D2EFCCBA5542B81BCCBC7A1F815FF994,SHA256=06B2E57AB60053F7991F6B75D6F82E47F2163A1B623E741FFE39EAA15CAA4AF6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178224Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:00.707{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B4EB0E9164D9F9BE0912AFEDD85B4B61,SHA256=79B1459AF605E84F19BB6F88BD75604F6BA1A89EB0CA57D66870C9E8413971B6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178225Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:01.722{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D60984ADB9819701910EBC93C9F15F1E,SHA256=B9186CDA3E6811AF141E7D113801816EB5B9C21B65C3FA1FAF926309FE29F89C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:01.579{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7BA39F3853974FBBBA6A0BCD5FB6B2E6,SHA256=9568A90C0E55237B256788457F14443990017368ECBD973C870F5F66BB6DD617,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178227Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:01.143{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53310-false10.0.1.12-8000- 23542300x8000000000000000178226Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:02.738{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=86B5A5BEB47A6EAE7887C8845C05ADD4,SHA256=9368EB103DC05653F2A5F7B801595397BEB2A5146C9DBC55A65123CF59026B3F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:02.584{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=47673B06D7DBCEB8D357EC2A018FA5E4,SHA256=FB11B19892B3FD1292C7253F291C7DB275CA1AE2F46BF9A79EE0373C8028B22E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178228Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:03.753{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=861E5D6961F90F43DD28E3721CAE286F,SHA256=AA39D1700051C68F2BAA946F121FC4425AAF487BC9D11F3D52B6642BECE54994,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000248889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:03.587{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F53B153066989F1C2FB9DA528E8BE0D3,SHA256=29AF984B247BA8C75B4071EC946444DC0A5FB7C7EEAFC863FC3D38C1046E0B13,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:02.212{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60276-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000249002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178229Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:04.769{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=632AE283BAE09310D06CA4737C3BD0C3,SHA256=558FDFDE0A4A58817013CDE6E4334FE695B84CCAA379F2A4C13CFC942550814F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000248941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.868{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000248917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000248916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.834{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6EB5F05E15F3BC035F0B4F61B07BB7F1,SHA256=C4D4A1FEEA2059FA769670BAD356978AD9FC6F515C77E6AD3DFEF95F099C3C37,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000248915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.820{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.820{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.819{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.818{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.818{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.818{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.818{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.818{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.817{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.817{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.817{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.817{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.817{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.817{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000248891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000248890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:04.594{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3F276760177D48C9EC807271DD21617B,SHA256=049D25D864287341EDEA4B553A440EAA24924E69C12160D8C7288AD5D393B30F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:05.598{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AAEACC160CA5B35934594E1F61A69765,SHA256=F96661873BBDB6FA44ADB87FBF2CDE6614D5E4CDF5ACF8EEA3F68F7E4E5DA8E8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178230Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:05.771{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8DC3C4E94E1D204BD408EE50BE80E4AA,SHA256=9C78735448CFA49062E80979DE19FDA630E99F1A8E0E9962005C6C6566D420AA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:05.000{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1AB7D12CAED39D430526FBCC7B3F1D45,SHA256=EB2C1B1211E903D606FED1CCC487783497A015A39019BBC83C75DAE8B33BB217,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178231Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:06.785{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0B864420BE6D647591C4EC5934C5E5EF,SHA256=E8442B7F12A1359D4357B1E6E80BE97A05AF055230BA3E72307627E2A9CD6ABB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:06.601{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B296CB615F67EB5C92A8673E2C1E50E2,SHA256=0A29EC95608156340563232B51F5A86E439F46B8C9D073C87B0B2F9AA870FEA1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178232Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:07.800{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=52275FCE4EE01950898F8E298C6023EB,SHA256=595A68B3D8D874854F1C29A7297D3A9684E7BC23FE507D7CB6EF202BCA1C97DD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:07.605{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1A4CA3F281028FA3E2F5C85945A75404,SHA256=119A01A83BEC996FF83191EA7408E61958F0D7899C02BC2EE2F88B30C54C284B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:07.271{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60277-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000249008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:08.621{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CFFC03374CF7B87D1153629F6238BD3E,SHA256=995C3462651270C403A61D6253606EFDD2CDFAA1A0E2F4A51F7DED47D49E35F7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178233Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:08.816{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=79E90775603B8288A83F885D9690F857,SHA256=087D24B3C51B8E06507FCCD5400C01AD45C93305E6C6ADC3D971A659679CDFC4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178235Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:09.831{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=933CE086BD86B23D3211509FD2EB30A3,SHA256=C5883120C6A96730052B2D56A4A3A443945F2018A5B7D8C355DE6101C509C84F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.838{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.837{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.837{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.837{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.831{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000249045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.828{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FFA4C6A5E3EB6EE0759F36E20420FF64,SHA256=34F5A007861A39AC63E9BAAB06FA090C6F3F84C05686C7F728C629920A28E4CC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:09.680{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1961760F5FD96B5C8A1E25D0126D99F8,SHA256=D10CA62CFE272CCCD3368EF3A1288A97AEAA808BA7E86306F3CC5E577C945D23,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178234Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:07.050{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53311-false10.0.1.12-8000- 23542300x8000000000000000178236Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:10.847{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CA16360A0C29C4380159AB42B0262E1C,SHA256=52E7AAE92CABEE68BDE997BA9EC73CB93380EC30C6D000FF9F93D1BE0FF61B98,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:10.692{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=85DDE455C831FDCD37C9609922BB03DE,SHA256=015624A0F1600E70BE8F7E11FD2EE60D0DF583161404F9AE3390D9BDBB6977F6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:10.103{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0283F30885384AC8F9EF5504AD627E3F,SHA256=99D88673A944539C187C11DB072247624F8A2352E3B6C9729D92B0756873B6F2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178237Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:11.863{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E074FB9322B8E60C1D0B0B8F213C5527,SHA256=DDF4212D265FFCF0CF7284BAC5018DACE0DEFAF2CDE0798ADEEA875067259FB0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:11.695{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6C880FBB59AF1AEEEF0E966E77AA435F,SHA256=E8A59411571F5014692A99E57F82F791760C8F9B59CFFEDEE834CAB1F0941424,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:12.710{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EA4FCC2E0E36B8A99B5268CF04BE0947,SHA256=EF1A21B5290475F084C6DD4C3FA478BF7CA3920C4E6C92035C5AB33DEA88E660,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178238Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:12.878{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=965BA1319CAEF6001B399FEBC1979614,SHA256=D3F0B67F71831C7EFAACA7823FE54626BB024614DA49759D777AB1CAC97DEB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:13.723{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6D9491C2F323DEE197456F69BF3ACC3E,SHA256=0FEECF3E614A01B7376242FF11BEC98EBB3D5DAC6EA821BF325B810B6E5D1780,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178240Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:13.941{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=F83A51FD0784742996EED4371440B557,SHA256=2F8A09D55C65F2FEC52B42D90DAC4C00E8278B9F948761BA79E5D48E56165E14,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178239Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:13.894{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9807E4DB2A3BB98B05D2E41CA68F72FD,SHA256=566DD33F8320636E75A54518FD5C871F66713C01200C5B625A14DB92D597A0D2,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:13.269{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60278-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000249240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178242Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:14.910{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=911AADB5F9485936DC836C0459B7E5CF,SHA256=2CF49CFEA4C71B606DF469F27D342CAF94C31E160D9246AD74C30F483C91895E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000249175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=62B97E1B7A858A97B3A0C2635FCD82F1,SHA256=B91D6B23A134B5F675C0045283C8C8D37AB4A67E11E4ACDD749E914AB63AF6A0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.820{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.820{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.820{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.820{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.819{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.819{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.819{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:14.734{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=485A9A517E5B7E6F79EC8A1AFA352D3F,SHA256=C3F50637D4106BE02E91C639CD5A3C6E6F696A11E815A6D831D393FC77F6B046,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178241Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:12.986{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53312-false10.0.1.12-8000- 23542300x8000000000000000249243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:15.760{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EB4D172D4139E0FD9100A5942F1C3445,SHA256=7041BFD8607598A381BF20B076A5E3C2A4C547FA2C317CEAF5F5A0B47FF31A95,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:15.199{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2E9A30E5CAF26A42048740B5D8AF3659,SHA256=03AEF4CB3C75054B4515A2AA9547E527E6AA61F1C83D87E98F55622C6C958027,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178243Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:15.925{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DD559278F1FD40FD6FB07C1A6BFF7E99,SHA256=57BE91A789E246F662E382F388A8F2036DCDF19502805FE5FBE4425D073BA143,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:16.765{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E0FE79A7E1A2E6B494C1052DE9ADC0C4,SHA256=9EA58ADBE44FF49620EBBDAA3D1F1FD5649C6305CDF10E00B7AB55B7FAD052CB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178244Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:16.926{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F93B34F6826222B90F293A52091F4B88,SHA256=7CCAF48613858CBB6628187DFEA5D53B247759B4F50BB560108C2612E39F3C2D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:17.769{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=40077551D153211D9D30D87ADB615200,SHA256=DF5EB1640FC0C143B57E0D733640DEDDD9FB0ABE8352ED54F88676AB9C8D8385,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178245Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:17.941{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C1198CD05555D45307BE2BF7BA1538C1,SHA256=F43E7E7716C38E4A5A92B05B060830C969FDAEBAE9180C69C705AAB136ECC2C8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:17.047{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=18254DB77B2A2C45DDECC887DA76CD2D,SHA256=750A5E59C34F0E5BE1A65726A782FADCC28A968B77EED78FD5FCB11F6D52E017,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178246Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:18.956{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F063479BA72EA77C62C709F5BC68A466,SHA256=591142663BE6772BCC94B6A76E68643F4C88691C955E70531B230075379912B2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:18.781{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9FED995B98B3BBD68812F47F194FA3A2,SHA256=D9438595E122C4FC6007EFF6136AC43700392B2731395D335EB0B3FCAB8D30D3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178247Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:19.972{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6DB211CD2A26243DECC703BE4C78F60D,SHA256=9D7DF6F35CDF4C871505450A127E257D2B7E9AB46506A24D00B21EC91B57DF99,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.881{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.869{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.869{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.868{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.867{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.855{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000249274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.848{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B138F856612611807D898E5B785BAB2C,SHA256=56B7C4EA1836347E20EDCB9A31974046C328F980176851036CAF25D26EA584EE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.841{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.837{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.837{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.787{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F6042EA5C1C682AE7D1A8117239AA178,SHA256=464837BDCCE8A6D4F31CDDC60D75C8D72B828D14057A7F005A2257CD240364F4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178249Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:20.988{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0D335B89D5167088CC8E1543F215CECB,SHA256=A84F316961F14728EF0B24BC669F74522DD28D62610959BE86AAB563961134CB,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:19.261{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60279-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000249363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:20.797{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B3D2D2B4A973ADBBA6EE71924B65E13E,SHA256=30AF7B95C810F7E1F26FDCCF83D7CFCB6379B6FF9E3258277898B771E3AB5951,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178248Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:18.158{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53313-false10.0.1.12-8000- 23542300x8000000000000000249362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:20.149{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-300MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:20.011{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B71E2E126F95F69231DB99898AD3BB50,SHA256=AF91921277A87BB7D9FEB429801C35A732BB620C5A23A5676FD0EC2A27419D13,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:21.804{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AF2F6928288783E00BD7ED2A5B8ACE76,SHA256=DE9D491B150E8874DA96A191A17B4A460B08E0CF25DA9A78B429E8815ABD44FE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:21.148{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-301MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:22.808{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=510A1149A9967737943242DA4C02AD9C,SHA256=17842A714689D8618A7AF708DFFC7BCA35CC4E28378F212FAD8DEA40F5B1CB01,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178277Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F62-61E8-0509-000000002402}592C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178276Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178275Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178274Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178273Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178272Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178271Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178270Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178269Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178268Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0F62-61E8-0509-000000002402}592C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178267Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178266Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.894{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F62-61E8-0509-000000002402}592C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178265Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.895{F0653C0F-0F62-61E8-0509-000000002402}592C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000178264Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.660{F0653C0F-0F62-61E8-0409-000000002402}31363788C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178263Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F62-61E8-0409-000000002402}3136C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178262Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178261Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178260Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178259Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178258Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178257Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178256Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178255Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178254Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178253Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0F62-61E8-0409-000000002402}3136C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178252Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.394{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F62-61E8-0409-000000002402}3136C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178251Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.395{F0653C0F-0F62-61E8-0409-000000002402}3136C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178250Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:22.003{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=745CBD9A324BDEDA39472DAFA08526BF,SHA256=307DA9E27536C81CA49659B903F73801263D3BAD85E13071056AFD4B27CFC3FA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:22.059{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=4669735922B1622CCC6D7CE5AE978999,SHA256=A63F113182C4131212E11A53A2A7C5177C932FDD23454A84DA0FF97FE4914E1F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:22.054{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=354619A42971449C9E89E5107E73BA93,SHA256=D5850176831F3B86369F635124A6A67926971E2F9DF233F371FFDFF6C469F213,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:23.813{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F9DF9B5BC55F0C9FDAA072DB2CCFF492,SHA256=08E3D82BD15D991D8F366EB55D3E4D72CD97B097ABF00CB268E317C2B075F26D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178293Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.410{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F9A6C8EEAFA45A702E3338784333F8EC,SHA256=51743ADD4D8A065E9900AD904979B177BE1ED1B01372EF1CFA4E3736DF9A29AB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178292Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.410{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=B6F302D220FF5B19B406DA8E1EC3AAA3,SHA256=0B85B0AC2F321C4B55EB49DE4DBA122B065283F4873B825C0FDA9FD3365918A3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178291Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F63-61E8-0609-000000002402}3448C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178290Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178289Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178288Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178287Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178286Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178285Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178284Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178283Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178282Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178281Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0F63-61E8-0609-000000002402}3448C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178280Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.394{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F63-61E8-0609-000000002402}3448C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178279Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.395{F0653C0F-0F63-61E8-0609-000000002402}3448C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178278Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.206{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D2686F717F1D1E17AAD920AD801C7A29,SHA256=C247AE76110BCB5034B2DD0E5BEA89C2210E4180A3CE788CD1B3EA32443B41A1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178294Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:24.238{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8F10B15AEFDE04D6D735861E1F88632D,SHA256=5997674F160F008AED7608A4310BF3D4828EEF4E3399353088147A0BEF17341D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DA921D6D9D6374A4FA586C4BCA0E9E92,SHA256=DE1179B14F51785F42C68A694E6935D5CEC122449AECDEF952536EE038E2A7EC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:24.829{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8BA811DCDAF2462509D11A1654654E4,SHA256=E5A719216FD62394EDF0B79E959A14795F59F977CBAD43BDEEE30EE6FA5E4774,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:25.837{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FEF8F479EC747B41EA66A9D776BDE7C3,SHA256=F777134BF2BC2C3DF29F7C0AD7D6FB3D24B6A3A92F0098F6D42DA0E36A65356F,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178296Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:23.939{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53314-false10.0.1.12-8000- 23542300x8000000000000000178295Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:25.331{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=35E0F2D325788BD6F52BDDC032C1D685,SHA256=E2BAA484941A27D6CC26A2AD5CE154336DF68CC31614812E5165C30241383205,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:25.119{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=90D7B06E9491C8F054FA6FB66A8114DC,SHA256=2D2C9C79D2C7108269F970A7567FF78D37E86883BBE968B224AE4C84F21E4231,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:25.254{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60280-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000249486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:26.850{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0A23F318348803127C3A3900DDDCBC44,SHA256=B01818114C9DBFAA40917C1CDBBF3605635201B55F2D8DA11BD299785C9B992F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178311Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.832{F0653C0F-0F66-61E8-0709-000000002402}27523876C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178310Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F66-61E8-0709-000000002402}2752C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178309Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178308Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178307Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178306Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178305Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178304Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178303Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178302Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178301Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178300Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-0F66-61E8-0709-000000002402}2752C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178299Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.644{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F66-61E8-0709-000000002402}2752C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178298Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.645{F0653C0F-0F66-61E8-0709-000000002402}2752C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178297Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:26.363{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=940DF65D6430632720588152859ECB93,SHA256=C3FDD4C669323457A053891FDAD7849AB8E0676A60443FC8489B82642B32D3B8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:27.857{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6FCEC2B116D1B210600CCD94C39F65CF,SHA256=13B9B0444B219A971BD8A761ADCA68CEBE68FFA50398FA7A2C45D62837671223,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178340Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F67-61E8-0909-000000002402}1260C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178339Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178338Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178337Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178336Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178335Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178334Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178333Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178332Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178331Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178330Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-0F67-61E8-0909-000000002402}1260C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178329Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F67-61E8-0909-000000002402}1260C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178328Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.974{F0653C0F-0F67-61E8-0909-000000002402}1260C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178327Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=75F8AD3C5ACFE6E231728AD0C4C48177,SHA256=0303CCA5A0AF1315D40267CDFB1869620A20E46EC641E1E009084998BA24D655,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178326Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.972{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F9A6C8EEAFA45A702E3338784333F8EC,SHA256=51743ADD4D8A065E9900AD904979B177BE1ED1B01372EF1CFA4E3736DF9A29AB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178325Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.488{F0653C0F-0F67-61E8-0809-000000002402}33241448C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178324Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F67-61E8-0809-000000002402}3324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178323Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178322Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178321Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178320Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178319Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178318Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178317Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178316Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178315Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178314Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-0F67-61E8-0809-000000002402}3324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178313Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F67-61E8-0809-000000002402}3324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178312Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:27.316{F0653C0F-0F67-61E8-0809-000000002402}3324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000249491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:28.862{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=959D606E42989BD9535FEC5FABE0D7A6,SHA256=1E8C65E0339764EDEA3703321ED81459051A6F21CBA4BB83749BD41D099F0715,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178342Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:28.519{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A9741D80FAD4B7AADF07FF62E331FABB,SHA256=11286E9E95C2AC38CBBEBCEAB0A3B8BA26843DE15C86344CDD094584FCE1E5C4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:28.261{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\Network Persistent State~RF11b342e.TMPMD5=B207CA78ECEBC8CE3A67BF95114EEEFF,SHA256=0224624244A143414C296F20D6848DF80EA4AB038D99FC6A780796E4CCC8EF18,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000249489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:17:28.259{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\ceb338c1-4e4e-4f9f-a96c-6922e74d8001.tmp2022-01-19 13:09:48.1132022-01-19 13:17:28.242 10341000x8000000000000000178341Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:28.144{F0653C0F-0F67-61E8-0909-000000002402}12601896C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178357Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.581{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=188B7D48DEFC2C0E08C433C445173245,SHA256=DB200D5ED7FE6E69D51C8846FB0FD51D2F0DDBE42F4941DDF03202C5AEE47F88,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.916{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.916{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.916{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.916{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.916{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000249542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.912{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8B5F4AE4992C2621F2B26EE34B4A03C6,SHA256=A1FD51EE3C9D8C177A8FD49CE00F9A73E122DFA9B2B3E640473915F43584CBA6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.900{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:29.868{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=88DAC8F3FC34640F47DA72BC8BCEF529,SHA256=F76616DC616490B7AC316ABECCAAF433DB4A73C262FF69002B64562DCC306A76,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178356Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.097{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6E19F32A1F8AF8182C3B4091AF7B8A76,SHA256=FF98222FC0CCA0BE6D1AC041623ACCE5C5DDF5E8ED69DCA0D627EECCD9F23EAB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178355Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F69-61E8-0A09-000000002402}3356C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178354Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178353Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178352Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178351Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0F69-61E8-0A09-000000002402}3356C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178350Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178349Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178348Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178347Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178346Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178345Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178344Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.003{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F69-61E8-0A09-000000002402}3356C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178343Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.004{F0653C0F-0F69-61E8-0A09-000000002402}3356C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000249607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:30.879{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=20ACA0127829C7581F295A459AED8C2B,SHA256=A42C62E0EED5473396D0ED4A9202B3B2901CB0F55395ADD70D2DA9C2FF91C809,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178359Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:29.064{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53315-false10.0.1.12-8000- 23542300x8000000000000000178358Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:30.660{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0CF03B0ECB530E4449FFAFE17108DF6,SHA256=A303B8F0171D19E4C236ACA173FC9E664E478C2A3A41737F8E5158DADCD4581C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:30.371{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000249605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:30.219{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3587F2DD54A4BE458E5CF746D36DE332,SHA256=1180BBC5B54781740DD2EFE59464E3F6C44043B8A80DF36CD164F38E7D3B1D26,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:31.881{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BC6179D290E78D7A644EC3C7CC83E2D2,SHA256=B024A80D93E411FA7B9D9CCFCB3C10AAE5A003209B80115081A8C6BD59D7CC9B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178360Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:31.675{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C15EDE9FEEF3ABAB8BDCEBD08A248E0C,SHA256=9E99B654316F0F7F02A759EAEF36D1BB2BB8D53FACC7956157667360285309C2,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:31.203{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60281-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000249609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:32.956{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8796212AFBD473796FAF6F138E339A29,SHA256=BA2C2D99934A693DEDCF01E15198FC75695E060AAC7F4D216CAF23D6C5DAC2F7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178361Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:32.753{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=95C727F3F0A35C93548D9E4F63E85307,SHA256=8A9AE79315B766236BAC744C9BAFB885F6D13F60DDA6A31CADFD255D64AE2570,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:33.961{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0DA3EEFC4787AC07247897364C758A09,SHA256=D49B4E1AE10450A065C31F84C513F676DE381B6E74A180CE6D03D08D83308D21,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178362Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:33.847{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3D0625D9404023C035E7562AC1817F79,SHA256=B42FF942811E6DE480FCEE222BF8318B0E67B7C27921B32C94E5A241A9354545,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178363Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:34.925{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E08115764FE7DA10173B274F3AD47A44,SHA256=C30A50328F7B7AAC8BD785709F5680200DD2CFED5431D71B4BDB8229092DF8F9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000249661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=737567594CAAD9E2636098AA53693211,SHA256=ED450702C5CC3B5A42F20C8F603EDDFCAFD448056A37EAE997DC02A798660A3D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.922{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.922{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.922{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:34.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:35.318{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9EEE71862CA8CA644F0447FCA1F1AB9E,SHA256=55D4EBA09328BA47482079458F02214413C3F959388055C618126915FBFDB215,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:36.326{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3588A5FD96442A747C6CC333DDF9F613,SHA256=B36F3079CE8A15AFC43FD132B9E1ED55C7568292DB51C391478EA2E79192B143,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178364Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:36.019{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=588A784337016397DD9382DA55772A14,SHA256=B3611408DA112FF8AFA4944B8898A507D8009B6832B960B09264AEF7E22F72B1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:37.356{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=00D60B4BA8242EDD7653A776BF60B11B,SHA256=849D5F97506C6D3705801A553FCA4BD3DB218CA9B05381611F478837AB463AC0,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178366Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:35.035{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53316-false10.0.1.12-8000- 23542300x8000000000000000178365Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:37.113{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=980ED82A9ED5B0809D59D09170CA89E5,SHA256=E588D8308FD1720D7ED57A559E5AEF0B99CD869041CB5272704A5038F38DB874,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:37.193{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60282-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000249727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:38.398{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=902E6D81AD630FDED3A4CC030C609681,SHA256=107630DDBB8E9E44604ED74DBFBCA6384A30813A65D6DA8550BF90BEBA8D4F03,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178367Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:38.144{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9403A1405D90F42492BF98159CDEF822,SHA256=5CE9C1AC440E4FAA1236A2A34D5CA6477AC0745146C3EB031C4692E70B0E21D0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178368Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:39.238{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=415E0F8D6BAE40CE0779B26E234B60EF,SHA256=DFBE515AF78B61C7FF1E4ED562F83312B93A413AAAAF920A5AC773FE8E006A2F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.926{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:39.405{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=541784AF4CF5BA279E70710345AD2E66,SHA256=954699B57E04EDEBF6F7DF0654AB6BDD82C3D570F3063599FFBA66931B57A6DB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178369Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:40.472{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=262B9CD3C6F1CE25F29D7EA42051F25C,SHA256=1006D05E9E88B472B1F02E75F76E0394F78D5E663188D83A8B35994D69E6D700,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:40.415{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=37B597DB46109751743A776A05E07C3B,SHA256=7DA550316C61FC7928D302719D8D6DC3D926700ECF8693177E7D3483F4DBD752,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:40.160{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C526638F7498E8DC8DCCAF0AF1720F11,SHA256=25C03929B0CC87E8D1AD2EB466356DD9E1628261B2A407804C43495FC19E4D2B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178371Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:40.158{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53317-false10.0.1.12-8000- 23542300x8000000000000000178370Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:41.488{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C34FDA8EF98D81039EF0B03841A88727,SHA256=368E125DF61038378A6101219DF739568FB59CF1EF92476B5D4AB635ACA56F38,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:40.865{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeATTACKRANGE\Administratorudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local51313-false162.159.135.233-443https 354300x8000000000000000249844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:40.863{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53725- 23542300x8000000000000000249843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:41.419{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9B936560B43F090FAB1B1FA1B85DA30E,SHA256=072DD4EFEBEC06E9496B46B082299F829A5ED352D041E99B6D19B8B5FA724BD3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178372Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:42.503{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9DA5AA9AECE0DA5A621F36E9A6208339,SHA256=D1DADADE3522422FB2D4EAC41869D741882DAE7550BEEF0AC7B6675BD8FA9FDD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:42.427{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=28041EB6D2670E0915CA08FD25228D15,SHA256=A7353D92039A3AC97AD07118C9F4E118FED9319316E5E454214822A9B01012EA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178373Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:43.660{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=776AD4E7F1AC9DD743AFEC655B2D139A,SHA256=87BEB33AA01F37F1D8F75223B04FFC4D3E84E971ED16DC541BF240DC2C3A721E,IMPHASH=00000000000000000000000000000000falsetrue 22542200x8000000000000000249848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:40.799{ED6274ED-0D92-61E8-F709-000000002302}7808discordapp.com0162.159.135.233;162.159.130.233;162.159.129.233;162.159.134.233;162.159.133.233;C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe 23542300x8000000000000000249847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:43.430{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D2206507E0C8F9915F097D5052F0E494,SHA256=E9103AF7A3293B44B8F45744E7B3BCA742A08EE9ACF528E7E931B0F7BD8401C2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178374Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:44.706{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F0E556DA2E8843B2FF8C6020C3922EC2,SHA256=61AFF30306B915F992F3CDD5694D07C1A05262DF12C918FC5A8070A90595F574,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000249962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:43.194{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60283-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000249961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6B6631E97E59EAD1F4441724F4D06263,SHA256=52E03AA571FA9398DA455A5E81E3A7E46B18E0E464C59E8E717647BFA10256AA,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000249899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000249874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:44.434{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B93120621F3EB42FABC59E2A3F7F3ACE,SHA256=B2A6552985B4F445A5965ACD8657E8D1D80EC666E3D18070C4776FAFEBB43B32,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178375Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:45.738{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=13032A83F027869A792A8691E13649CD,SHA256=0182500D051329EEBEBC7AA2E6133C70BF5F1F8A401BD0CACE8326A0CAB4A435,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:45.463{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3F8B76079727B829B7D3A2C42D42DCEC,SHA256=A9BEBB6247CF7103CAB5098EDE990D18C20C07A394BD0825678CE91C5E0A666C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:45.027{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=860E4280BCC589AE5A48BC5D112349D3,SHA256=3BF1AF7895B2D521FF7345F1EA040E05F6CD054A879B6B12E716CD1ED2FC2876,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178376Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:46.769{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2E339403AE5BB02B31CDE68826DCBE32,SHA256=0B3BE7604204DA669AAB61E7B3FE99361E1ADCCBE1487B8721D96BEE5EE43A0B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:46.470{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4F487EC13EB067A95F28775E781A5AEA,SHA256=B4CCAE3BFA2FF9E1B288A0F1571987222B252AC0DE0B8C612CE5157DF8C2AFDE,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178378Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:46.142{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53318-false10.0.1.12-8000- 23542300x8000000000000000178377Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:47.784{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FCF1E24462850826096FA4480ED0F211,SHA256=286C492DC4C085004E4D5364AB78FE7F71C470C996331A998121F6567FDA1067,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:47.477{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C5404079CEAF37C8D3108979B529438F,SHA256=A72112AE27747BC15FD29FD10ADBE02A98D81442446E1E314D8E40CA7B7BE317,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:47.168{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+6497|C:\Windows\System32\SHCORE.dll+6387|C:\Windows\System32\SHCORE.dll+62fd|C:\Windows\System32\SHCORE.dll+620a|C:\Windows\System32\SHELL32.dll+55a20|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad 10341000x8000000000000000249967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:47.165{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+1c0e5|C:\Windows\System32\SHELL32.dll+55501|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000249966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:47.165{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF11b7e09.TMPMD5=3BFEABEF62EED5634A3D9EC762FF8CF9,SHA256=8CFFE559F97E8DD9937ED59EDD9BA6381AAF578575E36594FEC60085CDEEFEF0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.837{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F7C-61E8-550A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.836{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.836{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.835{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.835{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.835{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F7C-61E8-550A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000249972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.835{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F7C-61E8-550A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000249971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.833{ED6274ED-0F7C-61E8-550A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000249970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.482{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B30B9F6792E5D74F5C3CD47C45D7DFCD,SHA256=0E3903BE9CAB82E1EED498469894B17F14DAD9E2EC2F9C4C0FAD197AF1160E4F,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:48.204{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60284-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000250101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178379Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:49.003{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9696F51F32D40E058220CD140B95E421,SHA256=7C0402A70129BF16BC43EE21D710DEED307BFC31570C44E111D29956D90F8011,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.922{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.922{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000249991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000249990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.839{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=220622331F52769F255AF2A2F2503C5F,SHA256=CFA351CA2FB5BF95A3C71FCC439086A33D2ECC7EB9096FA353EAA143E9515A8F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000249989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.838{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=3745DBBA6446753B5C98B9914C718131,SHA256=B863DB4B40C76E65A1D772488DE91011150CDFACBD309D0024C3A2C8AE1161D0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000249988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.677{ED6274ED-0F7D-61E8-560A-000000002302}70446356C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.502{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F7D-61E8-560A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.500{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.500{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.499{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.499{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000249982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.499{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F7D-61E8-560A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000249981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.499{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F7D-61E8-560A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000249980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.498{ED6274ED-0F7D-61E8-560A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000249979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:49.487{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DD8AC1869696EC10DA20164A56086FA7,SHA256=0724E020E448E8FD80A23922FD9194C47EFE06E11EDC220E6399A6730046F823,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178380Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:50.081{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=12A6334CE13F70A55584B719B8EB3B26,SHA256=CB8AB5A2BB58935D10525E1CBD9D333036C5932C172F13B27D8879F6762E9549,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.499{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C46446F02707218281A27DCA7923FCA6,SHA256=0E8067F67389126E0D35A946D8CBCC7CACB0420F245C6710026858AEA51B9C0D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.017{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F7E-61E8-570A-000000002302}5996C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000250110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.017{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2F288EC20425C1D488E68CD32CCD4C6D,SHA256=ED34416889EC743D1830FA6830CCAD9BC6662AB4668C55ACCD5CA192BA57854B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.011{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.011{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.011{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.010{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.010{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0F7E-61E8-570A-000000002302}5996C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.010{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F7E-61E8-570A-000000002302}5996C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000250103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:50.008{ED6274ED-0F7E-61E8-570A-000000002302}5996C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178381Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:51.253{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=004E0E907B334DDFE067606FB162EBA0,SHA256=471E7AAADC73C9D9E6C431A5B4DBF40B91555FAAD2F7FD86EC9896B6F1E70A94,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:51.507{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BD107E113135045767052844AE5A34E8,SHA256=6473095D616AD26EE8E659900375A425A35AB26B2A29E10723B4BEDAF938708B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:51.014{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=220622331F52769F255AF2A2F2503C5F,SHA256=CFA351CA2FB5BF95A3C71FCC439086A33D2ECC7EB9096FA353EAA143E9515A8F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178383Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:52.972{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178382Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:52.378{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EE060FF673056B1D5EF194CD28FFC90E,SHA256=1FAC0B3B871E7E18361F4E041F3B8F2E1B740068297AF6B8480AA8C69DEB28BE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.559{ED6274ED-0F80-61E8-580A-000000002302}33682144C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000250123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.525{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6328D78B50F08134385668473B67A3B8,SHA256=A684A9D4D7AB6D8E406F3B40E49B4CA7335FDA4D850E3C2B2836B4AAAEE6D71D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.294{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F80-61E8-580A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.292{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.292{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.292{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.291{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.291{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0F80-61E8-580A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.291{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F80-61E8-580A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000250115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:52.290{ED6274ED-0F80-61E8-580A-000000002302}3368C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000250135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.541{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B85D89C2EFB97D967FCB5C02092597A4,SHA256=C796632AD7229BBCCDBA325DB3A8F6BB5EBA22D3363953C9EE6845549363A536,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178385Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:52.048{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53319-false10.0.1.12-8000- 23542300x8000000000000000178384Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:53.394{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=337E8F0A752CEB45F615EEE5B4142135,SHA256=FAF9D13726AE689BF43E3BA18D2152E414BB212683F3CBAAA29DB4F93ABDF2FE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.332{ED6274ED-0F81-61E8-590A-000000002302}55847288C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000250133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.310{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D59A512DFA6F1648359F4A1A1C62D7B8,SHA256=AF54CA2758BDDFE94E8CE6A58B07AA5136DBF49A773BB2452CB2159C42538BA4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.073{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F81-61E8-590A-000000002302}5584C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.071{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.071{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.070{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.070{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.070{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F81-61E8-590A-000000002302}5584C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.070{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F81-61E8-590A-000000002302}5584C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000250125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.069{ED6274ED-0F81-61E8-590A-000000002302}5584C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000250259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.438{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60285-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000250258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:53.438{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60285-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 10341000x8000000000000000250257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000178388Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:52.892{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53320-false10.0.1.12-8089- 23542300x8000000000000000178387Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:54.396{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=70B7E907546F871B8EF71C9D0C1EA93E,SHA256=5E80D8C1CF5EFF731EA73105A6EFA8FD9BF8E5B5BC54D1396AD84832DDB7ACAD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.937{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.932{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.931{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.930{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.928{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.927{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.921{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.920{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.818{ED6274ED-0F82-61E8-5A0A-000000002302}68646460C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.576{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F82-61E8-5A0A-000000002302}6864C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.571{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.569{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F82-61E8-5A0A-000000002302}6864C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.569{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F82-61E8-5A0A-000000002302}6864C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000250138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.565{ED6274ED-0F82-61E8-5A0A-000000002302}6864C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000250137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.566{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B4919E414871F0A1373EC7AAB8ECFB62,SHA256=3125231AAFD549C2EAB9D679108D3F70D91A9B56DA3780B60CB597DFE3D3C62B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.398{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=62748CEAA1C2C14731D0AF6383881043,SHA256=73F51FA6C9F64981FE17940CF0A7A1E9F6F5CFF61D21A642CA1F57AD146C9A7E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178386Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:54.103{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-301MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:55.577{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=592069FD640DB1A3E140D6C22359A1EA,SHA256=39B55F0178385D3B43F379A6B869EBF6E0DDFABAB7F6BC6DB9A204DE216D1AF8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:55.572{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=344D4ECEA2DD9B256E9AF9E29D771704,SHA256=88A99F22A7A7A390F1E09EAE2B7DD875C4084529C6281619C43006D3CBA38D4B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178390Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:55.504{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2F0B38BCA21FCE758A840AFE44C8B0F7,SHA256=A163CF62DD2B40A87D5777F4DAB8EBEE448AC600E007F29631544543EF10D890,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:55.042{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A541877D7ADE81FC47D9B2D87283D68A,SHA256=C03FD64762E10378FC8F7814DD9E91970E9658F37CBB196F067052E2B4165F22,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178389Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:55.100{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-302MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:56.663{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\TransportSecurity~RF11ba325.TMPMD5=60C4479494587DFA0FCF8F296B08A626,SHA256=9750ACD5537DB23546975C2A43E622F6D163FBFB3AD760F2A73CEF97E77A4C62,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000250265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:17:56.661{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\34a6dd00-c996-4e96-b3e5-5097fe98ff95.tmp2022-01-19 13:09:50.0402022-01-19 13:17:56.643 23542300x8000000000000000250264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:56.590{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7F5EA6A449E2B2E7A09CA1E88F85DDC3,SHA256=67EE810342374C934F2A28670B9072525FC4C8688E772F35DAF9BA54AE714CD1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178391Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:56.584{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=45F848BADDD1BB12ABFA8C8B442B1211,SHA256=D0E55C1EA83C48E90882609D9F75D2A8E16FD9A8847590DA760DBDED4EE86008,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:54.163{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60286-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000250276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.650{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0F85-61E8-5B0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.646{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.646{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.645{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.645{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.645{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F85-61E8-5B0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.644{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0F85-61E8-5B0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000250269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.643{ED6274ED-0F85-61E8-5B0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000250268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.634{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=62875BCF3A7FE8996591F26810F0902B,SHA256=64BEB5F4FB49C1D815369D9CA41EEF46792A357A957768AB42B2370CEED3398E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178392Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:57.647{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3882FEB56A8EC676517C02A9F4DCB6FD,SHA256=C2323D87FDDD3B5B309ACA7FD7F68CB0F651734112C3B49A983EB49D4E1FF3CD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.057{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178394Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:57.145{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53321-false10.0.1.12-8000- 23542300x8000000000000000178393Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:58.787{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9E13EA26809F9B5AAF92AFC6111A884E,SHA256=14D0516EBE390AF909E779414B59A255848E4FB7B0D28043415C54D8F266CC7B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:58.649{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=8D5C3B92B1D0BF6FC123F8BCDABD4EF3,SHA256=AE9DC3F90FFE406560176734D4A64AC8095DF4CE831889A8DB055E48F4259195,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:58.644{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=26C542EE2208235F37964AC9D4D96F2A,SHA256=1C4DBA944F3520AA866CB7CDFE885FDB9C85C33B869B32879A15DD43D7DB5CC1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178395Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:17:59.819{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4DB09DC6B2BB442D174633367F5A85C9,SHA256=EAA93A2399B799946DA83FEDB49BE8D03EA8137DBE76B992D68A4A3D472C1AB0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.942{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.942{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.942{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.941{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000250280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.648{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6E5503BDCCD54848EEC28379EECB0D28,SHA256=1F6CE218211849CC791F57E0CD7C80E4F27D8B57FFF72112B5466CAF988C25C0,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:57.105{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60287-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 23542300x8000000000000000178396Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:00.834{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5427B8ACD7CC81F33DF898412E41CFF2,SHA256=0C0F2F678EB240CA92B9E98C41E047B0C54CAF8CAE5A8C5D3CDA6ACACFF1A3BF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:00.659{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B2AF7426E0F2815F2D1EF3D85DDE1849,SHA256=1DFA54F66862F1C311FC8E19A9D2727BC30A5DFA14B1C8AEAAE3D872120AA586,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:00.145{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=62DF0524824399228A899253F09026FA,SHA256=ED58ECA016C1BDDDFA72EC1317A35EC3717FBFEC2AAA6A22966C44B1192A1BA1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178397Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:01.866{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=988552EDD8F9ADA3405CE9E9DA223B3C,SHA256=B0743ADAF5A868340EBD3AEDABD0F822CA080AEDD04DC9419085D8BF54839E65,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:01.666{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2BEE287554EE2B0B2BE22125D001E600,SHA256=36877DAA94174190CD6F0948C719688AA63F8E48729652E63146365030415AE2,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:17:59.169{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60288-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000250397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:02.684{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3875CF4D93D8EE674386ED3DC2E91967,SHA256=108CB5B5508C3716E9E9FEFB1A28A8D31DFBE90648C979E2FB0D9523CE573087,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:02.678{ED6274ED-CBFD-61E7-6801-000000002302}19525400C:\Program Files\Mozilla Firefox\firefox.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\Mozilla Firefox\xul.dll+e9d632|C:\Program Files\Mozilla Firefox\xul.dll+b7e656|C:\Program Files\Mozilla Firefox\xul.dll+277972|C:\Program Files\Mozilla Firefox\xul.dll+27774a|C:\Program Files\Mozilla Firefox\xul.dll+eb700f|C:\Program Files\Mozilla Firefox\xul.dll+1b2cce7|C:\Program Files\Mozilla Firefox\xul.dll+1b2e12d|C:\Program Files\Mozilla Firefox\xul.dll+1b2e12d|C:\Program Files\Mozilla Firefox\xul.dll+1b2e12d|C:\Program Files\Mozilla Firefox\xul.dll+1b2e12d|C:\Program Files\Mozilla Firefox\xul.dll+1b30266|C:\Program Files\Mozilla Firefox\xul.dll+177cb3a|C:\Program Files\Mozilla Firefox\xul.dll+cd36c7|C:\Program Files\Mozilla Firefox\xul.dll+ef3328|C:\Program Files\Mozilla Firefox\xul.dll+ef156f|C:\Program Files\Mozilla Firefox\xul.dll+ef2be4|C:\Program Files\Mozilla Firefox\xul.dll+ceff12|C:\Program Files\Mozilla Firefox\xul.dll+ef2648|C:\Program Files\Mozilla Firefox\xul.dll+ef06c1|C:\Program Files\Mozilla Firefox\xul.dll+eef8c4|C:\Program Files\Mozilla Firefox\xul.dll+eef5f1|C:\Program Files\Mozilla Firefox\xul.dll+11ea70 23542300x8000000000000000250398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:03.698{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E7052AAC23089CE830EF28EE7878B8FA,SHA256=581C08A7869A6C4272688C625B43A67FFEAADA20B26AE7C28FED4BA66A91EDD6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178398Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:03.022{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=08D60EB7CB2220389F8692665BC12C43,SHA256=FA113166FD8296A9FF42ABCC8FCF1B105A939399818115E5D9F0E0E17473B857,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.983{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178399Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:04.053{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A2A7D2E56450598D6894078F29DF0132,SHA256=4423E68040A9EA6F58B7A4F229F56A02ECE4F41D66F175747BCFA876455DCFCD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000250445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.961{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3F16446388F90B721AFA11B5F4242C9B,SHA256=0454BE6B699E19DBC8D7A6053543D8991D6B96EC5DF6DE4252F59B76D8B0CD9D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.945{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.945{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.945{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.942{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.942{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.942{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.942{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000250406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.728{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A2FF26159A69D1E2B7E0DD55DCF0C903,SHA256=68E97F022066E294406192B2AE266B661076F31621CE84946340CF39977207AD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.566{ED6274ED-CBFD-61E7-6801-000000002302}19525400C:\Program Files\Mozilla Firefox\firefox.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x2200C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\Mozilla Firefox\xul.dll+2cd00|C:\Program Files\Mozilla Firefox\xul.dll+e1fc3d|C:\Program Files\Mozilla Firefox\xul.dll+e1f6c8|C:\Program Files\Mozilla Firefox\xul.dll+825252|C:\Program Files\Mozilla Firefox\xul.dll+818e51|C:\Program Files\Mozilla Firefox\xul.dll+19c4c23|C:\Program Files\Mozilla Firefox\xul.dll+16762ac|C:\Program Files\Mozilla Firefox\xul.dll+19eb83f|C:\Program Files\Mozilla Firefox\xul.dll+970baf|C:\Program Files\Mozilla Firefox\xul.dll+254ce|C:\Program Files\Mozilla Firefox\xul.dll+1910c8|C:\Program Files\Mozilla Firefox\xul.dll+18ffef|C:\Program Files\Mozilla Firefox\xul.dll+43be401|C:\Program Files\Mozilla Firefox\xul.dll+442a149|C:\Program Files\Mozilla Firefox\xul.dll+442af39|C:\Program Files\Mozilla Firefox\xul.dll+1f98893|C:\Program Files\Mozilla Firefox\firefox.exe+a18f|C:\Program Files\Mozilla Firefox\firefox.exe+1c9f8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.565{ED6274ED-C83C-61E7-B500-000000002302}47005616C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.551{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.551{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.507{ED6274ED-C83C-61E7-B500-000000002302}47005616C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.488{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.487{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000250520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:05.732{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D839B12D278080CB40D06FE74F3580A0,SHA256=BF6A8BFC83957C07CCCA5CDF7903B0117DDCC760966AC762BB40D8C04F11899F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178400Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:05.116{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=071C3E6CB01428FB8D7765C26C983A4C,SHA256=90BD09C3B9550E070C34BA3659396D590768EB0C5ADDF6F06EFB3D1B8F9F58D1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:05.048{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=91AFD3D1581D2E4FE1EFF6C5292D92C3,SHA256=5CC024E17A513C7F594CB9A39DD3600B7D85EADE910492A099691960E3206DF5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:06.734{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6BCB897C537A39C3FC4D3B53F4CFE4CF,SHA256=01DC8495E95570ED008AD8D856E4634970C2B2982C5E00DA164E91C22FB6AE20,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178402Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:03.114{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53322-false10.0.1.12-8000- 23542300x8000000000000000178401Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:06.209{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C4159BC808F65A965CFEC0692B679918,SHA256=1543DEBF35C4BC98C88354846F9792529C330EDC454A93EE8F8C4A920E4C840A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:04.640{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local49652- 23542300x8000000000000000250524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:07.735{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E4ED6E37268D6E20B79B5C9954F0B7F8,SHA256=1862D98ADE5F1B310C5CF36A068F639C7D6F8B99A06FDD553D1DFDCED2F30FD5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178403Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:07.241{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5317D1B8603C6F505B37AE0DBDEBA1FD,SHA256=0C2780EEADBFE390A614EE99DF007FBABCB6F31EF4E432D348BDFB2AB4DE484A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:05.155{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60289-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000250525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:08.737{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6C01F4F06740A510BBAF56F3A201FE98,SHA256=D8FB0FD2B2AF7A6918FBA719E4C0968E3286CBF5CE7FE799139AC460E678513F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178404Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:08.350{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1DFD5C94A6A05B62C904D949B7477AAF,SHA256=71B3B4851276B7543B96D62E9DE499BA248089DB5E7AA089189F8F7666D7CB47,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178405Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:09.459{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D324EAD6888DF3F68F3F5E94FFC33D37,SHA256=F741C73A13235877030BECB2F84E28575D0A379339F5889BF12038F980E4F1B3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000250615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.959{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DEBA5035AF48CEA3B024D07C5B8D4382,SHA256=2D7316297FD0A357BBBE0B30567A048ACADEFEB837D7B410BF12E4E249C2CA57,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.958{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.956{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.955{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.954{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000250526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:09.738{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4FB0C760A3629342F0F29528671DD434,SHA256=C637B874358E02B69EDB9704D027318753FCE036A3D0398823973CE7D2350744,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:10.766{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3A2A3E0FB9DE3500ADAF98F6E2F719C3,SHA256=F571BA2220408C797FD470FEDA2CAFB056D95C930DB6912AE24F7600D5B8CACC,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178407Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:08.160{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53323-false10.0.1.12-8000- 23542300x8000000000000000178406Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:10.475{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D7A7EBC8026F6CAE2FFB57B0AFEC49FA,SHA256=BD5CFC2DBD910519CEE0B484BC7551D43536E0309CD86E1F350C2BE27E829C23,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:10.207{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0762F166E2F91A79C2BDE5AB7C016F71,SHA256=40CFEB4CFC53CB0B876F3898C4873A0162A713AE063EEF42F023A7672CE84725,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178408Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:11.616{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FC956CE85549A71A0D06FED64908CAE0,SHA256=33B30F414747A4E88A3EACA00507AEDE73383A7A1A822F3B1E1482DD8FAAE9B8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:11.769{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B22E2A6F2513083A5D497EFD7E86040E,SHA256=447AB4E8FB42F42ACC373513DFB333B653A84FEAC406B687AF62DA0269F8B9E0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178409Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:12.631{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CFBB29B2F7544307A5B8BCB84A61C22B,SHA256=8838BD5AB15A9469CD9D79813614993DACB2C49409FA279390189BFAA37E4C93,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:12.770{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AE77C27B58943E7707402A5B51C5ADE0,SHA256=069074B560D4B0E857F11B326DA9BAF83876AEAF5AB06B0E2B6667653CFFA686,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178411Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:13.944{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=A4889C5C36B08A9D580DC4AF1179103C,SHA256=B536526167722BB6D9387CAA47DADBD82CA378DC539BE06A10BBE8E012D305F7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178410Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:13.662{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2E5F16697E99EC22FB91E8FF996123F8,SHA256=F8E4EFCE2793E41367611703FC7F92DE366E3C38B2E162D3927A99B6DAB2AA57,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:13.771{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2AF4A74A8ED57629C17C0FE6A138D293,SHA256=5540B1D2BF79B68C165725B24DC8503CCD7652636576D0255AAE80BCC0581468,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:11.119{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60290-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000178412Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:14.678{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3C0289966CEC379503A7F27DAB78C80D,SHA256=A61598C66A051DA75EA5D312DE73B087C6C00D3CE5EE8621E7A1EAE132E5E076,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000250671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.989{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8D44BE95AF190C9BF747205EEBC8E1A1,SHA256=E90D97CBF9F2DA3FF0664A9B442A5987E2154CD7BB0DD3630918087A8D85B2B7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.972{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000250645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.785{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2342C117A45952ACC0CBF19BF6ED1A70,SHA256=50325DE62D62171A9434FFDA65A35F34F47848B851267909CCEB149B58D98CE0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.794{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BE438BA9610D3DADA69AEE2522B05F7B,SHA256=0C6DC5DAE87927EFF980E80478D85607EC67662FA067CCA66FBD92912CF7CA37,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178413Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:15.679{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=15F1D97F73450C97A74066EA64EA9808,SHA256=5DC7D77ACB0B1D7081195A472142C81C509EFE015EFCCD88E5ABEF45EF440EDB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.552{ED6274ED-0D90-61E8-F109-000000002302}7000ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index~RF11becef.TMPMD5=4E12AEBA248AD6964DCA881E10AAE9A8,SHA256=CC545E9FB3CF4879E8D20AC53567B41EA55A40AFD1A359893E2E67E88DBB9784,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000250759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:18:15.548{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\Code Cache\js\index-dir\temp-index2022-01-19 13:09:38.0432022-01-19 13:18:15.548 23542300x8000000000000000250758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.125{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0531E7183A4BC1830E5017B2A57441A1,SHA256=7B9470B69EE8E655404F9A9B371F9D1DD89C427601747D1BC4CBA51B52ECEEF2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.009{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:15.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:14.997{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000250762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:16.798{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AA2A74E6BCE7EFB2D2E4CF9F9CDEA9C7,SHA256=B999662C8F0BE28E5839D4C55512496331FE65EC58FD6A5EB37C1181E75377D1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178414Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:16.695{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C2D24BF7EACC223739EED39CD92F50AF,SHA256=DEC9B4AB4027391F0CD7033FFE04F861E62FB162B64E56B2484636520C6DB9CE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:17.831{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DBAA1F951B458039DFD5CB712ECE09B3,SHA256=29D3657BFF315168D20069C4F9FDC60A2060A969D6AE726A44A7492FE93D1C6B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178416Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:17.711{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D7F091EEBCE70BF39F9AA2AB18169FFB,SHA256=CDCD1C1801123E801BC0F2ED89115E2F477E1C6EA4CC6941416E88B8DC73C83D,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178415Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:14.129{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53324-false10.0.1.12-8000- 23542300x8000000000000000250765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:18.832{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AC80A4F11039F286C91AD4A85C159668,SHA256=54C39D37AA6D168D0D927F275E06BF1358E6F583EAB9C25CAD5C69589598B95A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178417Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:18.726{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2174A8D66468EB9A032B131C132EF555,SHA256=77A4259D4AA636E4AC1DC36592B20E388E1073B6CEC52BC3C4FA9CAB374E03BD,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:16.133{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60291-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000178418Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:19.742{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=78C8C69EAAFA60429A6394D112B4C2AC,SHA256=40BEE962D2C55B5F098F82F36A49C180D293043917CF1EC7E218BD2052226D9F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:19.845{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=37CA3CB5C964F9D0C4A076C61F089899,SHA256=9D884ECD19AFD31219C0E6B4636E9CF16656DF6FF7850C80C210BB949AF764D9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:19.757{ED6274ED-C6F3-61E7-1600-000000002302}12164132C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\wmiprvsd.dll+2a2f2|C:\Windows\system32\wbem\wmiprvsd.dll+29e26|C:\Windows\system32\wbem\wmiprvsd.dll+28432|C:\Windows\system32\wbem\wmiprvsd.dll+57817|C:\Windows\system32\wbem\wmiprvsd.dll+8a475|C:\Windows\system32\wbem\wbemcore.dll+bcb3|C:\Windows\system32\wbem\wbemcore.dll+3393|C:\Windows\system32\wbem\wbemcore.dll+22adf|C:\Windows\system32\wbem\wbemcore.dll+22a19|C:\Windows\system32\wbem\wbemcore.dll+21f5a|C:\Windows\system32\wbem\wbemcore.dll+2c9be|C:\Windows\system32\wbem\wbemcore.dll+202d8|C:\Windows\system32\wbem\wbemcore.dll+390e|C:\Windows\system32\wbem\wbemcore.dll+22bba|C:\Windows\system32\wbem\wbemcore.dll+22a19|C:\Windows\system32\wbem\wbemcore.dll+21f5a|C:\Windows\system32\wbem\wbemcore.dll+22711|C:\Windows\system32\wbem\wbemcore.dll+2d78c|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:19.757{ED6274ED-C6F3-61E7-1600-000000002302}12164132C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\wmiprvsd.dll+2597b|C:\Windows\system32\wbem\wmiprvsd.dll+283dc|C:\Windows\system32\wbem\wmiprvsd.dll+57817|C:\Windows\system32\wbem\wmiprvsd.dll+8a475|C:\Windows\system32\wbem\wbemcore.dll+bcb3|C:\Windows\system32\wbem\wbemcore.dll+3393|C:\Windows\system32\wbem\wbemcore.dll+22adf|C:\Windows\system32\wbem\wbemcore.dll+22a19|C:\Windows\system32\wbem\wbemcore.dll+21f5a|C:\Windows\system32\wbem\wbemcore.dll+2c9be|C:\Windows\system32\wbem\wbemcore.dll+202d8|C:\Windows\system32\wbem\wbemcore.dll+390e|C:\Windows\system32\wbem\wbemcore.dll+22bba|C:\Windows\system32\wbem\wbemcore.dll+22a19|C:\Windows\system32\wbem\wbemcore.dll+21f5a|C:\Windows\system32\wbem\wbemcore.dll+22711|C:\Windows\system32\wbem\wbemcore.dll+2d78c|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178419Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:20.757{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=780D0855238BFD651787D82DC8325F0B,SHA256=891590CA6E72FD221209B0EC1BEA2C8F53212ECDFE200B55BC917F6B111018E5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.846{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A96059C04A577EDF921BA9D212A7C60F,SHA256=22E19926731C083ABFE813C28170A04FAA99A3370F055E4BEB2CA2DCBFDED609,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.294{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B735D46E6F116B4279EC68B76F111023,SHA256=46984B9DEFD5A510E3FE58B56AD6EA9760AEC0931AFB525E134B1699059C912C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.041{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.041{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.041{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.041{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.025{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.025{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.025{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.025{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000250793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000250769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:20.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178420Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:21.773{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CBB095DD8C1D4B24E209F3F9CE83F986,SHA256=A3EC4BFF407924D3D758EFB884CBB58985E34746BE668E755BF923AF2FF34D68,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:21.855{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=39EA0978EBC61955DE9497E85E5A886C,SHA256=CB3D8579F8F770F1C1FEA04B7062D0A2C0822697AC2E2B4E125655F0A7A628A5,IMPHASH=00000000000000000000000000000000falsetrue 13241300x8000000000000000250892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000250891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x011c0559) 13241300x8000000000000000250890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2e-0xa5f4dbec) 13241300x8000000000000000250889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d37-0x07b943ec) 13241300x8000000000000000250888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d3f-0x697dabec) 13241300x8000000000000000250887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000250886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x011c0559) 13241300x8000000000000000250885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2e-0xa6093804) 13241300x8000000000000000250884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d37-0x07cda004) 13241300x8000000000000000250883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:18:21.795{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d3f-0x69920804) 23542300x8000000000000000250882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:21.658{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-301MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.979{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=340209ADBF82DF0A41A856236572E061,SHA256=1F75D1E970F9A812AEF6D64CE597721937A2225FFF5BEFA6F401A07C91DA187D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000250949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178436Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.789{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6257CE1FDD81CE4C09F5DE13BE2611F9,SHA256=E2020178907C34DF3DFF706DF7F8B8614D5F2E2A5D31288B576137EA8D72379D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178435Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.586{F0653C0F-0F9E-61E8-0B09-000000002402}37401680C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178434Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F9E-61E8-0B09-000000002402}3740C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178433Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178432Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178431Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178430Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178429Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178428Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0F9E-61E8-0B09-000000002402}3740C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178427Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178426Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178425Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178424Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178423Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.382{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F9E-61E8-0B09-000000002402}3740C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178422Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:22.383{F0653C0F-0F9E-61E8-0B09-000000002402}3740C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000178421Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:20.130{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53325-false10.0.1.12-8000- 10341000x8000000000000000250945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.932{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.928{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000250897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.864{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F25D9278D047B3DEEB6AB11B1146BA2F,SHA256=2423ABF6F367A51725119606F539E45301571BD83A548F13157548F3312EE39D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.657{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-302MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000250895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:21.152{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60292-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000250894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:22.056{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=A0A888559ECDC2EB6E2206E28B04CA31,SHA256=37C95D32E09BAC9C8C454E50C6A39B2951994FD56E14AF4F3B8C373EDA90812C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178465Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.820{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AA3BD68782D580E16DFF2D46BEE5D4B2,SHA256=0A44749AE06D009F10DB41036A5B20580BC3F93A8012B4D26FD5B57079DABEA7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.976{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\SYSTEM32\ntdll.dll+a99ac(wow64)|C:\Windows\System32\KERNEL32.DLL+33dd3(wow64)|C:\Windows\System32\KERNEL32.DLL+2b6b1(wow64)|C:\Windows\System32\faultrep.dll+13849(wow64)|C:\Windows\System32\faultrep.dll+e10f(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.975{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.974{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.974{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.974{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\faultrep.dll+26e53(wow64)|C:\Windows\System32\faultrep.dll+11e90(wow64)|C:\Windows\System32\faultrep.dll+dd0a(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.974{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+10f67(wow64)|C:\Windows\System32\faultrep.dll+dc56(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.974{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\System32\faultrep.dll+dbf4(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.973{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.973{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.972{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SysWOW64\WerFault.exe+16ecf|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.972{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SysWOW64\WerFault.exe+16e14|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000250985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.946{ED6274ED-C837-61E7-A600-000000002302}34043476C:\Windows\system32\csrss.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.942{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.942{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.942{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.942{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.942{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.938{ED6274ED-0F9F-61E8-5D0A-000000002302}81567756C:\Windows\System32\svchost.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|c:\windows\system32\faultrep.dll+695b|c:\windows\system32\faultrep.dll+6fc1|c:\windows\system32\wersvc.dll+af4c|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000250978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.938{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe10.0.14393.4402 (rs1_release.210426-1725)Windows Problem ReportingMicrosoft® Windows® Operating SystemMicrosoft CorporationWerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 7712 -s 864C:\Windows\system32\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=7BD45584299308DAEA16F2221A464A7F,SHA256=55E74A461777651BE95BBBB93835E69974FE8955631D92A3B7BB97504041D1BB,IMPHASH=CABB1BD9C8861200DB46B24A4934E8E8{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe"C:\Temp\dnSpy-net-win32\dnSpy.Console.exe" 10341000x8000000000000000250977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.934{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.934{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.930{ED6274ED-0F9F-61E8-5D0A-000000002302}81567756C:\Windows\System32\svchost.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+aec9|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.930{ED6274ED-0F9F-61E8-5D0A-000000002302}81567756C:\Windows\System32\svchost.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+acb9|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.930{ED6274ED-0F9F-61E8-5D0A-000000002302}81567756C:\Windows\System32\svchost.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x50C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+88e0|c:\windows\system32\wersvc.dll+857c|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.861{ED6274ED-C6F0-61E7-0A00-000000002302}6322928C:\Windows\system32\services.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\services.exe+1713f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.857{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.857{ED6274ED-C6F0-61E7-0A00-000000002302}6327400C:\Windows\system32\services.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|C:\Windows\system32\services.exe+307d|C:\Windows\system32\services.exe+6334|C:\Windows\system32\services.exe+dc24|C:\Windows\system32\services.exe+d248|C:\Windows\system32\services.exe+17f9d|C:\Windows\SYSTEM32\ntdll.dll+65b65|C:\Windows\SYSTEM32\ntdll.dll+6586d|C:\Windows\SYSTEM32\ntdll.dll+656d0|C:\Windows\SYSTEM32\ntdll.dll+3a800|C:\Windows\SYSTEM32\ntdll.dll+1ed13|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.853{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+10f0e|C:\Windows\system32\lsasrv.dll+1e908|C:\Windows\system32\lsasrv.dll+1db31|C:\Windows\system32\lsasrv.dll+1c350|C:\Windows\system32\lsasrv.dll+2878b|C:\Windows\SYSTEM32\SspiSrv.dll+1467|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.853{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f86b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.853{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f71b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.853{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+1b8ad|C:\Windows\system32\lsasrv.dll+2878b|C:\Windows\SYSTEM32\SspiSrv.dll+1467|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000250965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.825{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=A7B93B0FAB37EC999CC322565674C34E,SHA256=5FA80A6F4B8626732976CC72B404EC2E85B1503B30E8EA99567F0EB11BBCD018,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000250964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.825{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=8E34F412A45276155E0955EC06EEEBE0,SHA256=514B1E3263F162F51E342CBD1DFF8C9B71DE45B6DB1A2161278402CB2A68B552,IMPHASH=00000000000000000000000000000000falsetrue 17141700x8000000000000000250963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:18:23.533{ED6274ED-0F9F-61E8-5C0A-000000002302}7712\dotnet-diagnostic-7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe 10341000x8000000000000000250962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.425{ED6274ED-C6F3-61E7-1500-000000002302}11486132C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x100000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\cryptsvc.dll+6124|c:\windows\system32\cryptsvc.dll+5e34|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 13241300x8000000000000000250960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDBSetValue2022-01-19 13:18:23.413{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exeHKU\S-1-5-21-1045181283-1041755688-4012098945-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Temp\dnSpy-net-win32\dnSpy.Console.exeBinary Data 10341000x8000000000000000250959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\pcasvc.dll+52e4|c:\windows\system32\pcasvc.dll+58a9|c:\windows\system32\pcasvc.dll+5b49|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1440C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+5bab|c:\windows\system32\pcasvc.dll+5b07|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000250953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.413{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000250952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.409{ED6274ED-C83C-61E7-B500-000000002302}47004728C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Windows\System32\windows.storage.dll+a912f|C:\Windows\System32\windows.storage.dll+a8da5|C:\Windows\System32\windows.storage.dll+a8896|C:\Windows\System32\windows.storage.dll+a9d08|C:\Windows\System32\windows.storage.dll+a86be|C:\Windows\System32\windows.storage.dll+ab4d5|C:\Windows\System32\windows.storage.dll+ab854|C:\Windows\System32\windows.storage.dll+aae90|C:\Windows\System32\windows.storage.dll+ad6ba|C:\Windows\System32\windows.storage.dll+ad472|C:\Windows\System32\SHELL32.dll+3f8bd|C:\Windows\System32\SHELL32.dll+3e456|C:\Windows\System32\SHELL32.dll+801e1|C:\Windows\System32\SHELL32.dll+6717e|C:\Windows\System32\SHELL32.dll+18ce6c|C:\Windows\System32\SHELL32.dll+18cbc3|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000250951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:23.407{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe6.1.8.0dnSpy.ConsolednSpy.ConsolednSpy.ConsolednSpy.Console.dll"C:\Temp\dnSpy-net-win32\dnSpy.Console.exe" C:\Temp\dnSpy-net-win32\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=D497DD46AF328466CB46D199520006CF,SHA256=3B2742B8ABCCC68E8EDEE94F6B85365B146E2B1E38335FFA6A85DA301602B5E3,IMPHASH=E3F0C6F49DC92A0DE8B1A1437EDF5338{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\explorer.exeC:\Windows\Explorer.EXE /NOUACCHECK 10341000x8000000000000000178464Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F9F-61E8-0D09-000000002402}1876C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178463Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178462Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178461Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178460Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178459Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178458Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178457Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178456Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178455Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178454Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-0F9F-61E8-0D09-000000002402}1876C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178453Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.726{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F9F-61E8-0D09-000000002402}1876C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178452Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.727{F0653C0F-0F9F-61E8-0D09-000000002402}1876C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178451Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.617{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=EA6FDA04EA25009D6AE74FA0548B1BEB,SHA256=78480AB65B8E51ACEC2E8F64578B0E21E8A69C43FD92C5268688F307917F0F7F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178450Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.617{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=0BCE8E671EAA4C16C36F5C3935C34FFE,SHA256=435D2519BBFFA35C1F8348815EA120D04951C46D1A5739F95D82EDA7EEDF8F2B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178449Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0F9F-61E8-0C09-000000002402}2672C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178448Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178447Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178446Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178445Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178444Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178443Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178442Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178441Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178440Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178439Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0F9F-61E8-0C09-000000002402}2672C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178438Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.054{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0F9F-61E8-0C09-000000002402}2672C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178437Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:23.055{F0653C0F-0F9F-61E8-0C09-000000002402}2672C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000251036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.947{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=38EE5DA606803D39062F2AE4C739D37F,SHA256=CF77ED313A41B214933B74D2CB570EDBB8E063FA0B98925CA63E8733D53AF948,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.422{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=546BF8B0AF50B1F76A225DB316CC4C62,SHA256=E55FA8C78D39DAEAD0A7D2348FB916011F719394368E6BEF6F753AB99236444C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.422{ED6274ED-C83C-61E7-B500-000000002302}47005388C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.422{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=6EAF2C22203BCD4E21744940B497DCF9,SHA256=489C4CE037A7839DBE22CDD3E07ACFC6E59C5EAFA036A649A2794A850B41B682,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.422{ED6274ED-C83C-61E7-B500-000000002302}47005388C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.422{ED6274ED-C83C-61E7-B500-000000002302}47005388C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.422{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.421{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.420{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.420{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.417{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=50A686A2EBAB3BBA073EF2EFABF3C125,SHA256=4EF49EFD1C63E58088ECC6515CA84CF0300CD9003709D12D22D9044897649B37,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.416{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=1F0D9F661D1B52AF3552ACBB81BC4CAE,SHA256=693158C426F6C7B475BA940A132B6520CEE1387A3F680504FB1F7963AC643B6F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.394{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.394{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.394{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.394{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.306{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.283{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.276{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.266{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.246{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3574133F928B49409B019ADF067C065B,SHA256=80092B86BAF3700D64491E79A4A6F3A2D7CA79B4AE33B229FA1BCEF37AF3385E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.185{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\SYSTEM32\ntdll.dll+a99ac(wow64)|C:\Windows\System32\KERNEL32.DLL+33dd3(wow64)|C:\Windows\System32\KERNEL32.DLL+2b6b1(wow64)|C:\Windows\System32\wer.dll+3efa2(wow64)|C:\Windows\System32\wer.dll+3f373(wow64)|C:\Windows\System32\wer.dll+3fba6(wow64)|C:\Windows\System32\wer.dll+20335(wow64)|C:\Windows\System32\wer.dll+154e1(wow64)|C:\Windows\System32\faultrep.dll+105ec(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000251014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.180{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\wer.dll+32eeb(wow64)|C:\Windows\System32\wer.dll+24792(wow64)|C:\Windows\System32\wer.dll+15589(wow64)|C:\Windows\System32\faultrep.dll+104d0(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000251013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.166{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33fe2f(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33d738(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee5e9(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee664(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee6ed(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+28c8c5(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+29305d(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1e12f4(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+28c4f9(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cb18d(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cb022(wow64) 23542300x8000000000000000178466Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:24.851{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=EA6FDA04EA25009D6AE74FA0548B1BEB,SHA256=78480AB65B8E51ACEC2E8F64578B0E21E8A69C43FD92C5268688F307917F0F7F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.142{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+3404d2(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33c892(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+232f54(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+233565(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+239e56(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cf2f2(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cd856(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cf434(wow64)|C:\Windows\System32\faultrep.dll+15525(wow64)|C:\Windows\System32\faultrep.dll+eeab(wow64)|C:\Windows\System32\faultrep.dll+10365(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64) 23542300x8000000000000000251011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.086{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=A7B93B0FAB37EC999CC322565674C34E,SHA256=5FA80A6F4B8626732976CC72B404EC2E85B1503B30E8EA99567F0EB11BBCD018,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.085{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\faultrep.dll+26e53(wow64)|C:\Windows\System32\faultrep.dll+1a7c6(wow64)|C:\Windows\System32\faultrep.dll+1a975(wow64)|C:\Windows\System32\faultrep.dll+19f7b(wow64)|C:\Windows\System32\faultrep.dll+ff81(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 13241300x8000000000000000251009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-VerSetValue2022-01-19 13:18:24.082{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{e1fefbac-9eed-fee1-f538-f40bdff52aa1}\Root\InventoryApplicationFile\dnspy.console.ex|afb9ed42e78830ba\BinProductVersion0.0.0.0 13241300x8000000000000000251008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-CompileTimeClaimSetValue2022-01-19 13:18:24.082{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{e1fefbac-9eed-fee1-f538-f40bdff52aa1}\Root\InventoryApplicationFile\dnspy.console.ex|afb9ed42e78830ba\LinkDate10/19/2020 19:08:30 13241300x8000000000000000251007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-PubSetValue2022-01-19 13:18:24.082{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{e1fefbac-9eed-fee1-f538-f40bdff52aa1}\Root\InventoryApplicationFile\dnspy.console.ex|afb9ed42e78830ba\Publisherdnspy.console 13241300x8000000000000000251006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-PathSetValue2022-01-19 13:18:24.082{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{e1fefbac-9eed-fee1-f538-f40bdff52aa1}\Root\InventoryApplicationFile\dnspy.console.ex|afb9ed42e78830ba\LowerCaseLongPathc:\temp\dnspy-net-win32\dnspy.console.exe 23542300x8000000000000000251005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:24.014{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7AA9AA01E7EB3364FB8A9AE336028FB2,SHA256=B142C297FB2DE3C4A586D2BE163B9746BEE9851C771F9E46594B5C04BAAC5929,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.968{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FD2D34A01C071A38B96F98EBE68B1FF3,SHA256=E0E73D3B5819EB3646A945D3A48A19F5EFA87CAD769FFF7D2E19E1DA354BA316,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178467Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:25.039{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D8CEACF0075A3B91EE1715B05AF43CB6,SHA256=B662C63F121C0D06E31F6E5D98D0B6B913DE7BD45CA7ED0430DF5673819119F5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.539{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.538{ED6274ED-0F9F-61E8-5E0A-000000002302}74726352C:\Windows\SysWOW64\WerFault.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000251154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.103{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FC2F40199AFFE1D55639075C6DA427C7,SHA256=0B2CC2724D6A1A59329EAE86C6233D2E1FBF2B488C5521864E2F52461A7B4A06,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.059{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8C02E236F21326C8A251FF2FA19EEB5A,SHA256=805B395A58E035A01DDFA436D49009DE07082A5FF8D10A0151C08211D1D33513,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5C0A-000000002302}7712C:\Temp\dnSpy-net-win32\dnSpy.Console.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.023{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.023{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:25.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5E0A-000000002302}7472C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000251180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.980{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C23A17C42CFE3980391DF75DBC4D636F,SHA256=B0707D08F5D43BB1A672D133FBBEB9D2E1FE0E1C3491E80001A7DAF5A57E9A1F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178482Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.836{F0653C0F-0FA2-61E8-0E09-000000002402}3628992C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178481Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FA2-61E8-0E09-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178480Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178479Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178478Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178477Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178476Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178475Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178474Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178473Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178472Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178471Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0FA2-61E8-0E09-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178470Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.632{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FA2-61E8-0E09-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178469Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.633{F0653C0F-0FA2-61E8-0E09-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178468Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.117{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=62C81CAF4118606BEF5DA5B28A7F7474,SHA256=3A8CAF337CDF067FB38B717D7A78437A3BEABDC15267BD3D89B2F00026F2FACE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.536{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.536{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 17141700x8000000000000000251177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:18:26.480{ED6274ED-0FA2-61E8-5F0A-000000002302}5892\dotnet-diagnostic-5892C:\Temp\dnSpy-net-win32\dnSpy.exe 10341000x8000000000000000251176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.340{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\pcasvc.dll+52e4|c:\windows\system32\pcasvc.dll+58a9|c:\windows\system32\pcasvc.dll+5b49|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1440C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+5bab|c:\windows\system32\pcasvc.dll+5b07|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.336{ED6274ED-C83C-61E7-B500-000000002302}47001188C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Windows\System32\windows.storage.dll+a912f|C:\Windows\System32\windows.storage.dll+a8da5|C:\Windows\System32\windows.storage.dll+a8896|C:\Windows\System32\windows.storage.dll+a9d08|C:\Windows\System32\windows.storage.dll+a86be|C:\Windows\System32\windows.storage.dll+ab4d5|C:\Windows\System32\windows.storage.dll+ab854|C:\Windows\System32\windows.storage.dll+aae90|C:\Windows\System32\windows.storage.dll+ad6ba|C:\Windows\System32\windows.storage.dll+ad472|C:\Windows\System32\SHELL32.dll+3f8bd|C:\Windows\System32\SHELL32.dll+3e456|C:\Windows\System32\SHELL32.dll+801e1|C:\Windows\System32\SHELL32.dll+6717e|C:\Windows\System32\SHELL32.dll+18ce6c|C:\Windows\System32\SHELL32.dll+18cbc3|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000251167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:26.335{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe6.1.8.0dnSpydnSpydnSpydnSpy.dll"C:\Temp\dnSpy-net-win32\dnSpy.exe" C:\Temp\dnSpy-net-win32\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=6E2E86E49D9F0FAA7107F00D4D856A86,SHA256=937DE02BA7A3522404B82FA09ACECE6A3063C40DF760BA4FC6A3344083D5EB12,IMPHASH=E3F0C6F49DC92A0DE8B1A1437EDF5338{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\explorer.exeC:\Windows\Explorer.EXE /NOUACCHECK 23542300x8000000000000000251185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:27.987{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=12A8D2249D6E643C2A4491A2A8757452,SHA256=FD5069B299F8BFC9F989C9A9BCBB8D3363AB224FFB07FB95921F03634B5B408C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:27.722{ED6274ED-C6F3-61E7-1200-000000002302}4201568C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6cd4|c:\windows\system32\fntcache.dll+17a6f|c:\windows\system32\fntcache.dll+1a637|c:\windows\system32\fntcache.dll+1aa6c|c:\windows\system32\fntcache.dll+501de|c:\windows\system32\fntcache.dll+4fee2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 13241300x8000000000000000251183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDBSetValue2022-01-19 13:18:27.549{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exeHKU\S-1-5-21-1045181283-1041755688-4012098945-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Temp\dnSpy-net-win32\dnSpy.Console.exeBinary Data 10341000x8000000000000000251182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:27.397{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:27.353{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=50A686A2EBAB3BBA073EF2EFABF3C125,SHA256=4EF49EFD1C63E58088ECC6515CA84CF0300CD9003709D12D22D9044897649B37,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178513Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.804{F0653C0F-0FA3-61E8-1009-000000002402}9521520C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000178512Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:26.052{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53326-false10.0.1.12-8000- 23542300x8000000000000000178511Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.679{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=C85C02B8977D9F5306B74AD605B67A43,SHA256=96F0A4AE9E998B03692D798A9CDF90E5F6B4D0AC55FED530DBC16A12CA8E92C4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178510Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FA3-61E8-1009-000000002402}952C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178509Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178508Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178507Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178506Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0FA3-61E8-1009-000000002402}952C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178505Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178504Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178503Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178502Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178501Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178500Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178499Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.632{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FA3-61E8-1009-000000002402}952C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178498Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.633{F0653C0F-0FA3-61E8-1009-000000002402}952C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000178497Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.352{F0653C0F-0FA3-61E8-0F09-000000002402}31242856C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178496Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4EEE9E88A216CF8EE4AC3E8C7E71F3E4,SHA256=83B56324CE0873AEFB4C4051FD04E24C41B18946E2170FB346AD3C46AE736DBF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178495Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FA3-61E8-0F09-000000002402}3124C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178494Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178493Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178492Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178491Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178490Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178489Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178488Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178487Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178486Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178485Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0FA3-61E8-0F09-000000002402}3124C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178484Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.132{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FA3-61E8-0F09-000000002402}3124C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178483Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:27.133{F0653C0F-0FA3-61E8-0F09-000000002402}3124C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178514Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:28.304{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3EE35925BF623CF846944B32E7A38B44,SHA256=0C6D043DFF4B4C7982692CAAA34565AD9D6CE5A868EAA1304DE8323DB68F4F23,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.888{ED6274ED-0FA2-61E8-5F0A-000000002302}5892ATTACKRANGE\AdministratorC:\Temp\dnSpy-net-win32\dnSpy.exeC:\Users\Administrator\AppData\Local\dnSpy\Startup32\net\startup.profileMD5=78BA7A4A0F0719D4FC6E94E85525473D,SHA256=25C4CC649A4077F73434478A6B93E29A46848894BA30AB22D10C8B427150E36F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.557{ED6274ED-C83C-61E7-B500-000000002302}47005388C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.556{ED6274ED-C83C-61E7-B500-000000002302}47005388C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.556{ED6274ED-C83C-61E7-B500-000000002302}47005388C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.549{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.545{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.541{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.540{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.540{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.539{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.539{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.539{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.539{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.538{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000251192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:27.145{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60293-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000251191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.322{ED6274ED-C6F3-61E7-1200-000000002302}4201568C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6cd4|c:\windows\system32\fntcache.dll+17a6f|c:\windows\system32\fntcache.dll+1a637|c:\windows\system32\fntcache.dll+1aa6c|c:\windows\system32\fntcache.dll+501de|c:\windows\system32\fntcache.dll+4fee2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.318{ED6274ED-C6F3-61E7-1200-000000002302}4201568C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6cd4|c:\windows\system32\fntcache.dll+17a6f|c:\windows\system32\fntcache.dll+1a637|c:\windows\system32\fntcache.dll+1aa6c|c:\windows\system32\fntcache.dll+501de|c:\windows\system32\fntcache.dll+4fee2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.262{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+163fd|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+268c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.262{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+19ab3|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.258{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:28.258{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178528Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.367{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F1BEBEDA8E2CB5280AEF9F2024EE7F4F,SHA256=9591A3BD5E9FD435FFF2CCD1DE47BBBDC87817307FD0C1FA8A3618096B40141A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:29.000{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=40644603365F6374FFE0F2CF3C49841A,SHA256=50AA1A47D8407B8BBBEA77205D6D6B9C8EBD57FE94018300A2A8CE95A68FE21A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178527Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FA5-61E8-1109-000000002402}2476C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178526Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178525Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178524Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178523Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178522Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178521Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178520Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178519Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178518Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178517Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0FA5-61E8-1109-000000002402}2476C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178516Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.007{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FA5-61E8-1109-000000002402}2476C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178515Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:29.008{F0653C0F-0FA5-61E8-1109-000000002402}2476C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178530Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:30.570{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3665FD418977A4752A8097764D8C7D5C,SHA256=9211328F7CE6AEC751DA2641F1C3E1F47DB8BAF15517AD0DCCF994286302A751,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.304{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=14C88535293CD1A4844E7713710FDCF4,SHA256=BB00577342FAA85B0F7CDB26ED9D4018E408EA9C185E44A0E5C7120EE3E58DE1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000251405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EEA07CAABF2952ED0B5810BDB5231133,SHA256=3A0536DF99936A73CC9524D9A021D6D761271E6485097CF6A8F7F1C771988DA7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000178529Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:30.023{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=DF5779B0BB0EB1E365BBAEDA56AFC92A,SHA256=E54E6FFA750D63072B63D37B05A85A3F0C16BA677B7FAA5A049C2396B951081F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.264{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.260{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.256{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.252{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.248{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.248{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.248{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.248{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C838-61E7-A900-000000002302}3024C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.248{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.248{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2E00-000000002302}2420C:\Windows\system32\wbem\unsecapp.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.244{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.240{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.240{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.240{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.240{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.240{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.240{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.236{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0F00-000000002302}1016C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.232{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.228{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.228{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000251336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.220{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.220{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.220{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.208{ED6274ED-C6F3-61E7-1600-000000002302}12166000C:\Windows\system32\svchost.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x101541C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\wmiprvsd.dll+20fee|C:\Windows\system32\wbem\wmiprvsd.dll+43f7|C:\Windows\system32\wbem\wmiprvsd.dll+15538|C:\Windows\system32\wbem\wmiprvsd.dll+1498a|C:\Windows\system32\wbem\wmiprvsd.dll+146e6|C:\Windows\system32\wbem\wmiprvsd.dll+140fe|C:\Windows\system32\wbem\wbemcore.dll+b920|C:\Windows\system32\wbem\wbemcore.dll+255ff|C:\Windows\system32\wbem\wbemcore.dll+24a9a|C:\Windows\system32\wbem\wbemcore.dll+2485e|C:\Windows\system32\wbem\wbemcore.dll+2685b|C:\Windows\system32\wbem\wbemcore.dll+22b78|C:\Windows\system32\wbem\wbemcore.dll+22a19|C:\Windows\system32\wbem\wbemcore.dll+21f5a|C:\Windows\system32\wbem\wbemcore.dll+22711|C:\Windows\system32\wbem\wbemcore.dll+2d78c|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.192{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.116{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9F332AE5AD4055DCE4F61ABA54810A5B,SHA256=53DB5392BFF50CD47A273A8102853E9D3F43BC82DC6F0979109ECAB5CE3C7FC1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.044{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.044{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|c:\windows\system32\rpcss.dll+366d9|c:\windows\system32\rpcss.dll+3bec2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.040{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f86b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.040{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f71b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.040{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+1b8ad|C:\Windows\system32\lsasrv.dll+2878b|C:\Windows\SYSTEM32\SspiSrv.dll+1467|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+316f1(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000251293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=09C1A1AEB407844E42751DA45AA16213,SHA256=93978975EA324E3275F50C230BD11ACF67610EB279DAC3A765FE7AFC21AADA67,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.024{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.024{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.024{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.024{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.024{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.024{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000251208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:30.012{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8CFB8E3E18B0E5276657436700BC5D9B,SHA256=3578D525FC355D31F988FDCAD76FACFE44CC60FD6DEEAE23F46F542B6441F5D6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178531Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:31.711{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F397639A130612111D8DE0FAE31BE145,SHA256=67F2E17ED26D24D1BD91E6F7783B1446C1C7AA9A61C1D9CAAD0544029A90FCE3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:31.044{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=DE4983BDEDDB44A4CDE079EFC411AE0D,SHA256=6DFC0705975581DC2C5496FC7830ACDF0C07A273629F99B72DC223B60239ECDD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:31.016{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=72F59D5FBCD81E493EE7D75D459FF605,SHA256=9F7262FE64BB10431ADF3FF3669DA6AEC8855006FA43CFD0BB0C869FF0035C70,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178532Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:32.757{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CBA2C2696E33E8CFF0A4AC978B43E41B,SHA256=0CFCDA5DB0FC333337406BB559E012EE60F4153BA0317D0AA816E7B44AE455B3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:32.017{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=38B3C68D1A17558EF2577809BD16682D,SHA256=2443FB64DB2792D9D28F44E1C8C3A552910C17CEC305262C991F811F9351CEA1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178533Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:33.804{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A1CDE75A2A4918BF588B27D2D6DE1D9F,SHA256=DA68D4E963D5A087BE48636260D3B6A0EC44DC73E1FB0BAEAB91988523AF6C20,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.979{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-0FA9-61E8-610A-000000002302}7416C:\Windows\system32\DllHost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.979{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-0FA9-61E8-610A-000000002302}7416C:\Windows\system32\DllHost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.967{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA9-61E8-610A-000000002302}7416C:\Windows\system32\DllHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.959{ED6274ED-C837-61E7-A600-000000002302}34043476C:\Windows\system32\csrss.exe{ED6274ED-0FA9-61E8-610A-000000002302}7416C:\Windows\system32\DllHost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.955{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FA9-61E8-610A-000000002302}7416C:\Windows\system32\DllHost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.955{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-0FA9-61E8-610A-000000002302}7416C:\Windows\system32\DllHost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|c:\windows\system32\rpcss.dll+366d9|c:\windows\system32\rpcss.dll+3bec2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.046{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ED5205D64E8A6789BEC672BC66BA9E43,SHA256=0D56E5CFE8F0B5A711243DB8CA5C668B51A3B64B8DF104D3B76BB904B5FC7D84,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178535Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:34.836{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1C36240D8026A618FA7B7CE85D7BBDF6,SHA256=4AE34F5C017CFB864C176EF68E1BBA3BE95ED4D01E352A97042F415B3CC7ABCD,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178534Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:31.192{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53327-false10.0.1.12-8000- 23542300x8000000000000000251425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:34.956{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=75270CFFC702BC66E4EC9717C6113C70,SHA256=E6B4C334B603675759A395BF58D469A115176290DC6C6F055D1ED62F10B20D64,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:34.591{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\ole32.dll+8a12e|C:\Windows\System32\ole32.dll+89a2b|C:\Windows\System32\ole32.dll+88be7|C:\Windows\System32\ole32.dll+8c817|C:\Windows\System32\SHELL32.dll+2c8e0d|C:\Windows\System32\SHELL32.dll+2838ce|C:\Windows\system32\explorerframe.dll+b29b9|C:\Windows\system32\DUI70.dll+48b9d|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+9f5a|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58770|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+4f50e|C:\Windows\system32\explorerframe.dll+4d2f6|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+1aced|C:\Windows\system32\explorerframe.dll+1ac26|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9 10341000x8000000000000000251423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:34.591{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\ole32.dll+b5f02|C:\Windows\System32\ole32.dll+899f9|C:\Windows\System32\ole32.dll+88be7|C:\Windows\System32\ole32.dll+8c817|C:\Windows\System32\SHELL32.dll+2c8e0d|C:\Windows\System32\SHELL32.dll+2838ce|C:\Windows\system32\explorerframe.dll+b29b9|C:\Windows\system32\DUI70.dll+48b9d|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+9f5a|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58770|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+4f50e|C:\Windows\system32\explorerframe.dll+4d2f6|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+1aced|C:\Windows\system32\explorerframe.dll+1ac26|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9 10341000x8000000000000000251422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:34.099{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\ole32.dll+8a220|C:\Windows\System32\ole32.dll+8c32e|C:\Windows\System32\ole32.dll+8c7fb|C:\Windows\System32\SHELL32.dll+2c8e0d|C:\Windows\System32\SHELL32.dll+2838ce|C:\Windows\system32\explorerframe.dll+b29b9|C:\Windows\system32\DUI70.dll+48b9d|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+9f5a|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58770|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+4f50e|C:\Windows\system32\explorerframe.dll+4d2f6|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+1aced|C:\Windows\system32\explorerframe.dll+1ac26|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+5888a 23542300x8000000000000000251421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:34.055{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=46B21B8606CDFB6A5EC4C05698B8A73E,SHA256=236A91F218F9C5060B0E7177978DE0DB92D5B1392573CB8A27B4500975D7829F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178536Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:35.867{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=16B93F8560EBBEB84C8C192AE44D2D58,SHA256=728342BD39E911F89FB114D076CE12634C98ED1166C42E7BC26FB023124ECABD,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000251543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:33.143{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60294-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000251542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.125{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=559EE55386135BA796223D1D170AC0AE,SHA256=B855CE011CD3C9D22769B75ADA2B5397F85027C541EA3CB40551AB7C405B5F6D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA9-61E8-610A-000000002302}7416C:\Windows\system32\DllHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000251521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B1BAD4B7275BDED683BFCE7C0105844E,SHA256=C09901E7C688A2791AD6434A6640A1534E0ACA861D95F60969159BABE5212231,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.031{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.030{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.029{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.028{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.027{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:35.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000251544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:36.133{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=75A9E65C6D0840D07E57870679BC6C9A,SHA256=B7147A1B118E73B24F6663458A8ECFEF1B0B22F81F7120FB6C910D66E2DC16A9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:37.148{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CE2EFE4E9A3F41C5097FCD95A5FC3B31,SHA256=620B1B6474105535CC3D637957676DD6D6B6881A49B2F3086D0EA6954541A12A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178537Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:37.007{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=83DA57DE82BD5F870A805702D83EFFF1,SHA256=D4BB32F85FEA532314559BF7ADBDE180DCAFC78FBC001084136BF342E770F93D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:38.168{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D771BD8A122439551BA912556F86B575,SHA256=040427CBA9F572D1B8E8F9375EAD6DDD8E19A605560C7836B35AF6AE1D0A1C7E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178538Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:38.054{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ED247C0A97B7DA3C97F9E677BDA1E4C2,SHA256=0F3F8DA5A004F6566B298DDBEA15F610E2721ED4A5059C9361599B30CBBECAB1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178539Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:39.086{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=52950DA523664989A649BA047890EAF8,SHA256=18E98D3BBA44698201FB2FB620389433ABF9A2AA4783CC9693A67D7515C98AA3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:39.183{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C6741DA884B3BB8F078C9CFF0088E22B,SHA256=83AF024BE64C41DA91E22859D7E0F40F9193428D87BF8239BE076D08258666F4,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178541Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:37.161{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53328-false10.0.1.12-8000- 23542300x8000000000000000178540Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:40.117{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=74900B03BCDC0466DB9DABDC3B5D3484,SHA256=A1BAECB4439AA7D56A1DD9A2623BC3317563E8C466E148B9B42F474C95238A77,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.898{ED6274ED-0FA2-61E8-5F0A-000000002302}5892ATTACKRANGE\AdministratorC:\Temp\dnSpy-net-win32\dnSpy.exeC:\Users\Administrator\AppData\Local\dnSpy\Startup32\net\startup-roslyn.profileMD5=30E76A851F95BC32D3A5D767AECD1401,SHA256=09235C785CC9AD2B99F9B84913AC61C9694AD73E141500AA8BFF4375AA234AC6,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000251665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:38.249{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60295-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000251664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.229{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2F9E4B37542BB875A627D9489DE98487,SHA256=0CC3692A11BE24A63B882D377B00996A347B9A5247DA170870B18CAF545E39CC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.198{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FEAB8FEE0D4DEA0F61650DF348240DFA,SHA256=98B3358386BE95F4AE03F04C6CCD48B4936C93B774B4B23987D776190BFF6F40,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.082{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000251583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4951B65EA498481254FCD4CC8A806026,SHA256=1CBD2A3CA9BB239BFADEC07BA9EECDA8457FF64D056EFDB433200EB880179688,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.067{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:40.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000251667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:41.244{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=075BBB95142EEF348DE790699BEAF5F7,SHA256=BB363A88009FEDB857EE99C3B6AD036EBA874CEF95F5351CDF122724E0267AD6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178542Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:41.132{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E365E9C9E99A7A60AB8405CA04A867FA,SHA256=F662D1D43040D3D4776FB58D897BC8B1D0DF866E3F4393AE4A9447C82F102E84,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:42.261{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B95E92FBF6742F95BE2AF594DAA2F1AB,SHA256=1A300F7DFE1D1C515AE73ABF817D5F5B12C8A67CB0C095B225402239537C9636,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178543Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:42.148{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=403503C474E6E19B6A3A7FEA06E8CA98,SHA256=26E5A35F8EEAB02DAFE76A2F1DA6E607D03A6870BE7C9920655CC43E7890A277,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:43.279{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DC2BFBBEDEBAEBC091BFE64B19F0E638,SHA256=121ACFB0B2A5CB7D5B46A67CF7BE1E338A830FB3241094DC1432C475AE67BC4C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178544Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:43.164{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9B584C1C9309DB179CD89AF4A48E1BC2,SHA256=07564799D88BF7A137D072706C08C03E5029A150E0319B33FD29FD88EB31FF8B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:43.242{ED6274ED-C6F0-61E7-0B00-000000002302}6405532C:\Windows\system32\lsass.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\kerberos.DLL+96ef2|C:\Windows\system32\kerberos.DLL+793e4|C:\Windows\system32\kerberos.DLL+1443f|C:\Windows\system32\lsasrv.dll+2f1f1|C:\Windows\system32\lsasrv.dll+2d0d6|C:\Windows\system32\lsasrv.dll+32919|C:\Windows\system32\lsasrv.dll+30267|C:\Windows\system32\lsasrv.dll+2f1f1|C:\Windows\system32\lsasrv.dll+1752d|C:\Windows\SYSTEM32\SspiSrv.dll+1a96|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e 354300x8000000000000000178546Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:43.021{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53329-false10.0.1.12-8000- 23542300x8000000000000000178545Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:44.179{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=824BBB857D8B059E24D2F4BD5D076422,SHA256=ED61A5C5E24327CE25A5983A305C04F674A19C301AAD21BC6DB3777185BC14AF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:44.293{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4D8DEF7AA12A1B5AF4CBD96FF0912976,SHA256=032628B10A1175C7F0B49B34B7FA55CD4EBA51D43A67FD204384430E47106545,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:44.261{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=17F9DB280143535535D2B16E13D66DAF,SHA256=2608EC9F1F89AA9C1C69200E6CE56D4290A55FF3459EAF623015ECB4BE5ACAA0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:44.259{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=CCB8536A9CF6F7F9F4D5C982896444CD,SHA256=F1B9806C1723F8372FEA70516527421F48E9655E3AA099E42F816708FF77ED90,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178547Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:45.351{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7ADAF5F6B563C7EF41C6E5C97889FE67,SHA256=3F3FF83D584A147AEFD7C824F7273C26165FD055CD86D55C30B78A3A369027DE,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000251793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:44.143{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60297-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000251792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:43.308{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60296-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 354300x8000000000000000251791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:43.307{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60296-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 23542300x8000000000000000251790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.308{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D18BC321FD192ADBC6313AF40B544852,SHA256=C6F97CE62D68C5A68FE9E4E2E9607622157D4DE7609E10F391C9B2588F57D443,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.177{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5CAF9724365F69A726950F43DFCD3A2B,SHA256=EC4D70EAE44B58B85D5CEA2ACB4D14AF8E1CB1C95E74B49522B4D2C3E27F9DF9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000251700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.077{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D94DB0722C47620B235C47BE1435D5E9,SHA256=BFB8F5BF99CE7E2335DE1EFD0478D44B666D34A3AE7D23D1379A1DD376511BFF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.061{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.060{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.059{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.058{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.057{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:45.055{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178548Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:46.398{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EEC9EEBB9DAADD1915F282B6AF686DF4,SHA256=22BCAC766CE6D1181F3BECCB13F7BE56C1AF58E1841A7E0D9B7DF7CE67951522,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:46.479{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\Network Persistent State~RF11c65c9.TMPMD5=31084A76DD91096198D95CEA9D589C77,SHA256=D23679F95F1AADCF3D6B865C04553AB7D4AD191A6C2A40E56F9EDFEF9240A75F,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000251796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:18:46.479{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\af8a8379-f306-491b-bed2-60b9972340b9.tmp2022-01-19 13:09:48.1132022-01-19 13:18:46.458 23542300x8000000000000000251795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:46.311{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BF604F606204B1D4C736A58EEDE1D892,SHA256=C7C7A351F88FFED0A529D83F4F02944CE006A47377EFF4AA7EC3B3611CB18BAB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:46.279{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178549Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:47.492{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E1DE2274552043788715451E9C1F1418,SHA256=9993D8A043D5A2DD87E69F72D1CE9A42CED10641C0E9D92FFA6AE5F3FF682DA8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:47.325{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A5162BB598FD573DB65C09CA64474090,SHA256=38B545A738AB306AB09D3163B90D3952500502E9DEF1617AF7379A500D5BF51D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178550Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:48.586{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=804FC0F2AC657B33DF9506703D9E333F,SHA256=C9A56A1B7B23C66DB3AA4F2DDB4BD071F463AEA0867A435E884D4BA3802F2D6B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.923{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FB8-61E8-620A-000000002302}7716C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.908{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.908{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.908{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.908{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.908{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0FB8-61E8-620A-000000002302}7716C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.908{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FB8-61E8-620A-000000002302}7716C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000251800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.678{ED6274ED-0FB8-61E8-620A-000000002302}7716C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000251799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:48.340{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5FF654AFD22B6A3BFA8796AA5CC138EF,SHA256=DFBEF763B00BFA4491E25D293FFD5307BD7413A9021B6FAD63406CCBD4B52D77,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178552Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:48.145{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53330-false10.0.1.12-8000- 23542300x8000000000000000178551Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:49.726{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D87128A39FB585A456D4B37DAE3B3B11,SHA256=9C1B5BF755491EFDA72EB985FF87B4B171E30CB4CCC439630F1D5BA68CDAA1F0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.960{ED6274ED-0FB9-61E8-630A-000000002302}76446648C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.739{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FB9-61E8-630A-000000002302}7644C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.739{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0FB9-61E8-630A-000000002302}7644C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.739{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FB9-61E8-630A-000000002302}7644C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000251811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.578{ED6274ED-0FB9-61E8-630A-000000002302}7644C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000251810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.692{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=246DA45E9A274FA8C393BB7DD6AB6CDE,SHA256=6C7D8C7CE43E6D82EA3B7E1CB967BD1D94F587792CDEF20506B630AB2DC658E9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.692{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=17F9DB280143535535D2B16E13D66DAF,SHA256=2608EC9F1F89AA9C1C69200E6CE56D4290A55FF3459EAF623015ECB4BE5ACAA0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.353{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=023F2B9D2F0CA54AFEFC4FACAC2EABD0,SHA256=5EEF9451EC3975C5A7B974DE4747B5D26C0D559D75E58BB82F010C83921AF88D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178553Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:50.726{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=28415C4D6C6913DC4DC8D37BB407B2D0,SHA256=4EC2D34D1145F85F2FBE8AB8FB04A0686FF4C9D4E87701F58C186C0EF867C975,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000251944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:49.242{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60298-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000251943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.478{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=532C315639BD4D90892CF10326E428A6,SHA256=846F447B64E54F9A906338604349093459EF568965AF5BB5D6145C3F9043EA19,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=27D1C3247A01251D6AB30FB161B36575,SHA256=55B3766FC636FAAD292A188C017DB571DAEEEB1FEC4C2E53E4A379A8FB9DC6D7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FBA-61E8-640A-000000002302}604C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FBA-61E8-640A-000000002302}604C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.462{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FBA-61E8-640A-000000002302}604C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000251934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.309{ED6274ED-0FBA-61E8-640A-000000002302}604C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000251933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000251871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000251845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:50.107{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178554Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:51.742{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A8A973A318F427668EA7B38F7388B652,SHA256=F07CA58358DB02163A3C6C3D0B5C485C1D751AFA76AB909FEECE9D79B044CC33,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:51.481{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A371A060D5DFCCF63511C0CEFCA9F491,SHA256=296A40AA0EAEFD8D345B28703BEBF855DEED2DB1DC37822D4AC75818D11F4CA7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:51.308{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=246DA45E9A274FA8C393BB7DD6AB6CDE,SHA256=6C7D8C7CE43E6D82EA3B7E1CB967BD1D94F587792CDEF20506B630AB2DC658E9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178556Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:52.992{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178555Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:52.757{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5A21E39958E6FD3B28765445FF2B12CC,SHA256=FB8A55148A0B83EB249D3C6BDB8C59ED6B756A7F33B340A3A86671415EAF3E54,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.769{ED6274ED-0FBC-61E8-650A-000000002302}76927324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.504{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F02303688A7CCB867A4B212FEB13D0D8,SHA256=04639364A125BA0323066A1B5AB56AF3FC057AB061B3F8927B238EE999E2C5E8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.458{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FBC-61E8-650A-000000002302}7692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.442{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.442{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.442{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.442{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.442{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FBC-61E8-650A-000000002302}7692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.442{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FBC-61E8-650A-000000002302}7692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000251947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:52.296{ED6274ED-0FBC-61E8-650A-000000002302}7692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178557Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:53.851{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E932475D6AAC4CA51E1A889D06819924,SHA256=468F52EB68B4FA53AC4ED2399AC09282E97CB19C592BA81AC3356D3168AD148D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.533{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EC2089DD7311DB648E66AA1F37F49DE4,SHA256=A89ADB6E8F4A2A60457A17C469C43C466AB4C02C945D33E6417E1BE3B0329835,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.365{ED6274ED-0FBD-61E8-660A-000000002302}33407148C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000251965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.296{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=446C4CD0FA9E227935C7494B97B3CED0,SHA256=CD26244A84D8933BFC56918F49BDAB5490C4CFFC989CE26D8B8467AF044984AD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.165{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FBD-61E8-660A-000000002302}3340C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.165{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.165{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.165{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.165{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.165{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0FBD-61E8-660A-000000002302}3340C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.165{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FBD-61E8-660A-000000002302}3340C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000251957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.164{ED6274ED-0FBD-61E8-660A-000000002302}3340C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178559Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:54.882{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A6F79032DEF1EC3225FE35DC13B8CC99,SHA256=E033593742966C85FA1F835675B594067D4BA9685FC6D664D2C8522CA5338FEF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000251981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.933{ED6274ED-0FBE-61E8-670A-000000002302}71126972C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.712{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FBE-61E8-670A-000000002302}7112C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.712{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.712{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.712{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.712{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000251975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.712{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-0FBE-61E8-670A-000000002302}7112C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000251974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.712{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FBE-61E8-670A-000000002302}7112C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000251973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.566{ED6274ED-0FBE-61E8-670A-000000002302}7112C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000251972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.445{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60299-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000251971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:53.445{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60299-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 23542300x8000000000000000251970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.612{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BEF56FD70163709216FFE2BE0326D679,SHA256=E5326F345AC6A08E7CDC45200099933C35FA5D4911F908D9B8AC988A41A67609,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178558Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:52.911{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53331-false10.0.1.12-8089- 23542300x8000000000000000251969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.395{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=84C3C9869875AB484CBD44E417A1E1D4,SHA256=4537EC8D7E8CF983296C11AFFB694D80DE4B74816F6D02832790C4A60BCAD952,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000251968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:54.111{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=8C9335E33466D54C344FF621362F6957,SHA256=5E7A086B1C542D53DEE060B1810B112753867AE9F43843DEAB54AB2049E8E54B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.613{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BC86B3491AAA13D60DF029A95DC23628,SHA256=C135C033E6C7D304FA1D64C4C996924B9A88BA5801E9F38E38734526698B2BCA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178560Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:55.621{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-302MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.566{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=2FF6173DB977A5A1698DD4BA30E90FE7,SHA256=8609EF30B903A01514EE866CFACFC01794587A4EC0A1DBBC7C6529106F6F7F23,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.481{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A89586A229CD6C09691D41FC87F63B58,SHA256=33B257497531D5B5F3B54252AE92E1A6C9385D0EF8A9BA8699FA8AA1DBC7B235,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.133{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.133{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.132{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.132{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.132{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.132{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.132{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.132{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.131{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.131{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.131{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.131{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.131{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.131{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.130{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.130{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.130{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.130{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.130{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.130{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.130{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.129{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.129{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.129{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.128{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000251982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.128{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000252100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:55.116{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60300-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000252099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:56.634{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D1101AD772DA9CCA47FEB34D8B8029D6,SHA256=82B7B122F66EFC501E5928275A36C5EE213C8297758BFEF4F597DEF805DF1C1C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178563Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:56.619{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-303MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178562Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:54.036{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53332-false10.0.1.12-8000- 23542300x8000000000000000178561Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:56.102{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9B4B9BA7191C1BFA308DE3323939826A,SHA256=3150D9A4C4FD2BEADD6FB3811677C84156C535D811C5D0B81C93451FA72A4D3B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.796{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FC1-61E8-680A-000000002302}7508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.796{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.796{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.796{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0FC1-61E8-680A-000000002302}7508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000252106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.796{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.796{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.796{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FC1-61E8-680A-000000002302}7508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000252103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.650{ED6274ED-0FC1-61E8-680A-000000002302}7508C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000252102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.665{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F4D41BF23E8CCF0B6CB123BCCC058EFE,SHA256=0289EA989AB9C6EF5237F75BF7DBFDBC490B668EE00E767A889FEBD9FB01F447,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178564Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:57.133{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0B69D4F1051F7F3C38B20CF306DE66B7,SHA256=E72F63323D39539368C689463130E1FFA6520A19194CF173D94F14E6DF5399A6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.080{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000252113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:57.130{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60301-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 23542300x8000000000000000252112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:58.682{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=84E9E96FDF20619066800CADF6B6979F,SHA256=AED29CF2846BD7EEF2DD32DA6897EA7FFAF00D4892480DAF5CB59AA1E03EE60E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178565Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:58.148{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9BBA0D83D888A8AF49FB2D9BEA5E9C56,SHA256=A27BCC4837E0E81A46FDAE473BE0E83D3054F93F2BFBAA615B26909D3DF59654,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:58.650{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=10AEB6E745E695CA1E9B131321925B48,SHA256=90CDCD0BE997F9E54D6872FCBB0A21788D17A1793DD9849BB72143340661058E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178566Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:59.242{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=029B555E41ED1615F74D345A3303EB45,SHA256=7DED48E7BFAB95E625118F01AE200EB2C03B14BE22A0C9ABE5668F9C0850B8E1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:59.697{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F81218D5713976CB168C395C9DABF445,SHA256=CDC96C55217DCE06D00FBE36365D839988659336A6D435542C1FEA85CE76F57C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:59.150{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=7C44854A8E6F9BE02869BAA91203FDC9,SHA256=247827C80B7A4638C9E7D0BCB973CF28A6E52B843A733BDF5635B2B26D4E672C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:18:59.130{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=834903D519EF84724AE9A74FB49EDF85,SHA256=D5F59EF6FB7EFD5C7E08EF29E21229B56383D11D8BB59DE040869CF2B908B037,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.697{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B518FB5FF7B4E2CD66F375C32C1064C6,SHA256=172EB929D249A4C9AC33015A14BACE08346F2E47FC4DE57A4B83D57664966A8B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178567Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:00.289{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=17690A31EFA2A78C1D4E061BCC519EA2,SHA256=974F17A93DAF2FD216179CF7181C0E830BBD104020A03AF31787AAAD45AD63C8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.312{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2AAE96ED76918C61A979CFC7B55EB901,SHA256=4A6A760CDC851DA897F7D9610969254D07B351697ABBF00D19F7B92B0DE4447F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.196{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.181{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000252143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.165{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F388C1EEB87FA02FC30B8BE433C935B9,SHA256=0F933D678D44FB755AF3420EA7DCDF23520E000B0AD955C415F2D3B155EDC929,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.165{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.165{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.165{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.165{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.165{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.165{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000252235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:00.255{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60302-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000252234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:01.712{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B8035D223EC65E25022361B3FAB6F86F,SHA256=632CCFD90AA7323776B0D9A68C724C906864D96B61739580FB352874885F0B49,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178569Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:01.305{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=92DEB9CCB47104782531DB5687B99D28,SHA256=98F1B2FF985A7F937AC9510E5F2CCF6E743AAE4562318765752C2166E8363E9C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178568Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:18:59.145{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53333-false10.0.1.12-8000- 23542300x8000000000000000252236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:02.729{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DB22A33327A1383A482796DF2448D828,SHA256=39A4E2986E312DC62D063689E3B55E7AF4E5E758F5C7708D7F9E2E303D4A8592,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178570Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:02.320{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=964C964B5E6A64958EB87D7B71C8CF5D,SHA256=9D1877428549D4E1DB89BD81DA64FC164780D3AF670EECC1F9F9787A1CA9FF20,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:03.732{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7A01C2C3E5D7ACA67E96924ED64C5F0E,SHA256=5F1CCCD8E6185C59D70143FAA03C3D934FEB7D9310665F873E46F5DC0B54D205,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178571Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:03.336{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=916419F8BE0AD3AEDDEA67FDAD76A46E,SHA256=88ED9521A99F36A9573BE59F86C8811233C3DE096C8F786BC9A56191362C387E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178572Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:04.351{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C09592CCC3456EA88D2AD15BEB613B0B,SHA256=F83DC9333ABB6A275243142047A2A4CE3BC96B925A4370EA2959837BC2DCA0B0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:04.774{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=542066BA027C46FFF2BACED3DB943C01,SHA256=DA0475C6FBE230F233B8A682522AF594F1F22B1A3AE88AB59DBD7DCF2B8BBD90,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178573Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:05.383{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7537FDC1E60B3E5290006429E1C1633D,SHA256=92C5A109F66285CFFF9F78A5C12DA2039D4CD2373251D8232BC150AA776C3444,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.778{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4BE5296F558A5C2461797E7C20BD6C22,SHA256=4FACE17B102890EAD4518A779B605A441A84004BBB74E7B87C7B0206D3648336,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.578{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BC30399FF11CA08DCE8D90D3BFCF720A,SHA256=B6EF72FFAF795D66B8D086B07DA6D46F3BDD343E3D4DB936B881BAC644971393,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.236{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:05.221{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000252355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:06.809{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D37336009957E3E2B569388B4A11DC37,SHA256=F1D2300FE9A236C5B9C2B36935F9DE3A304086A38D54E83306AA00B50E89B1FC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178575Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:06.430{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=06ADE3FA87F16B18A090BD5CBF45D8E0,SHA256=694290029BA2A2B819F7E037769938BB9913FC88DB85C22CEB20331FCAFF0803,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178574Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:05.083{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53334-false10.0.1.12-8000- 354300x8000000000000000252357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:06.125{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60303-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000252356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:07.824{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F0113DAEF6949B997DA5251836C326C7,SHA256=F7718B3A33149C122F1199F6B572C855CC69F30D154D1D158BCAD6F8A1621216,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178576Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:07.461{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4A0873A6EDDC56E4DB697712229B854B,SHA256=B9CC4FEC20D7A51456BF7619A1C2F8B2AE004353BF57629288D500FD88BE1135,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:08.838{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7184050F69B64EEE0B21A25E2E0D452D,SHA256=664CF24EA317E3A8C20B3926E1FA5CD40F2F3A580E981C3E611C4E17346E6D58,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178577Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:08.476{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6127D484C61B3252E01B4C1E2DE7C496,SHA256=D119D9C46D7522CF8D979B98A545E3F1FC2E416E639C1AADC3AE71F8ED635A7F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178578Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:09.711{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=93B965C3AD62216BE453DCD89C532233,SHA256=ED4CCBC58F49807634A2E6538893044533E7874049643D19A3157DA2FE5C8A81,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:09.863{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6AB7CD2A9CF64E7967E53B70FA015E2F,SHA256=84000359F8182FC60239B7A224957C9705FFA958806865CAF17069F68EFE84DA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178579Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:10.836{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=612879B18A474A715D70AD5ABD6A3CE5,SHA256=D07500658D9FCCE7A68109CBA207ACF89EB33218F51046C8E4F602F19E335A2D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.897{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EF97F98C9146341BE88EDE5CEB94F005,SHA256=3CF3361A2593D6C614CFE8D90AB8FD99BBB4AE1885FF2C186DF212E81A7D6DAD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.342{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6ED38788F878A5D2046E8ED20CE421B9,SHA256=DF371BD7D8BDBE02FBE4ADAE384C0F68990C03E5C26C98A10E173059E0E1DC34,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000252406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.264{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5AD573EE6B7C2C9504A9BE6BA34E768F,SHA256=F2F7F2E77903F44401D165082F2E47B11BDE4BC97950CC968720D9A6EC661A77,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.261{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:10.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178580Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:11.883{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EF6ED031FEE5F7FC40B98905270A6CFF,SHA256=B2513B3DB661C303A8F16C5D6EC58AD575E6A9344D91616DF87EE45D374EED9F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.962{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.961{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.945{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.945{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000252480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.898{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=979D6EE25A68938EC950686932407719,SHA256=8ABDB75F597A3CA2C2D8EF5D7D7F23029551E044E8076C4228C739613938CC6E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.546{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\kerberos.DLL+96ef2|C:\Windows\system32\kerberos.DLL+793e4|C:\Windows\system32\kerberos.DLL+1443f|C:\Windows\system32\lsasrv.dll+2f1f1|C:\Windows\system32\lsasrv.dll+2d0d6|C:\Windows\system32\lsasrv.dll+32919|C:\Windows\system32\lsasrv.dll+30267|C:\Windows\system32\lsasrv.dll+2f1f1|C:\Windows\system32\lsasrv.dll+1752d|C:\Windows\SYSTEM32\SspiSrv.dll+1a96|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e 10341000x8000000000000000252478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.430{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.430{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178582Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:12.945{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6F2E9DF344FFCD899484CFA4944C8F7E,SHA256=E3BFC41DB40827282C30C10F250DEB56B7863F07D189719EC44F50902E53CFF9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:12.913{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1017CE7626A889C3DFFA95D748A86A22,SHA256=68CD164FEF561E88E5660F9FCDFEC0D25F9A857E3EC7897F0C8CFFB67D5D65F0,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178581Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:11.052{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53335-false10.0.1.12-8000- 354300x8000000000000000252493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.612{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60307-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 354300x8000000000000000252492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.611{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60307-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 354300x8000000000000000252491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.508{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60306-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000252490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.508{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\System32\svchost.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60306-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000252489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.498{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60305-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000252488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.498{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\System32\svchost.exeNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60305-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local389ldap 23542300x8000000000000000252487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:12.444{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=283E26DD9CDC86848965875DBA90B435,SHA256=D59C372A339738E2405EAB620833EC9914BF25429DB3CBFBC0C00DB599062324,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:12.444{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=77AB74813F0C6291CAE755EF8059DE2E,SHA256=0E4B96E33B2ABAF65F3E52BA591B7706B86E3F694C9F4BC929F37D95FBF4DC51,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000252485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:11.194{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60304-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000252502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.965{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.965{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.965{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.965{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.965{ED6274ED-C837-61E7-A600-000000002302}34043476C:\Windows\system32\csrss.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000252497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.965{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\7-Zip\7-zip.dll+545c|C:\Program Files\7-Zip\7-zip.dll+67e5|C:\Program Files\7-Zip\7-zip.dll+6fbe|C:\Program Files\7-Zip\7-zip.dll+70d9|C:\Program Files\7-Zip\7-zip.dll+8e20|C:\Program Files\7-Zip\7-zip.dll+c301|C:\Windows\System32\SHELL32.dll+80267|C:\Windows\System32\SHELL32.dll+6717e|C:\Windows\System32\SHELL32.dll+17c29c|C:\Windows\System32\SHELL32.dll+19ea38|C:\Windows\System32\SHELL32.dll+284513|C:\Windows\system32\explorerframe.dll+13cf7b|C:\Windows\system32\explorerframe.dll+139d07|C:\Windows\System32\SHELL32.dll+17c540|C:\Windows\System32\SHELL32.dll+1799be|C:\Windows\System32\SHELL32.dll+736d1|C:\Windows\System32\SHELL32.dll+765b6|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+17b15 154100x8000000000000000252496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.964{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe21.077-Zip GUI7-ZipIgor Pavlov7zg.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Temp\new\" -an -ai#7zMap6092:178:7zEvent10893C:\Windows\system32\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=300B8E1F636DCDE7269EF18600493819,SHA256=3AEF7662DCDBBC952A3ECD3677DA943EF3D4AECB5BD624625B6B176B1B5CE617,IMPHASH=C60649CDE63EC51599F93CD2D0157322{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\explorer.exeC:\Windows\Explorer.EXE /NOUACCHECK 23542300x8000000000000000252495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:13.928{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0D6C495A000A35068F2DB466D5CA37D9,SHA256=F0D15BDC4298A20D5D64BB58EC795F273D89F09308ECE7BA8E91746AE9AF98CD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178584Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:13.961{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9278E0C0B8DAA390D038EC88F4464416,SHA256=17F218E2BB999B2D913A38E1234F2E78B9F67118FB940213C7C585AB8C89E6DE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178583Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:13.945{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=ABF9DF20E27DCA4B5C986CFA829E4D29,SHA256=4B27952562CB276467B70CA1BB01F4466F40430862CE6C46EBC1014389A03695,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178585Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:14.976{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C18E68BC87413A881A54B225F5282CDA,SHA256=18704142B7692978B75065026CCAAC5971AD182B247484BB5526D28EBA44590F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.980{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=283E26DD9CDC86848965875DBA90B435,SHA256=D59C372A339738E2405EAB620833EC9914BF25429DB3CBFBC0C00DB599062324,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.664{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.600{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.600{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.600{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.598{ED6274ED-C83C-61E7-B500-000000002302}47007328C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.597{ED6274ED-C83C-61E7-B500-000000002302}47007328C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.597{ED6274ED-C83C-61E7-B500-000000002302}47007328C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.596{ED6274ED-C83C-61E7-B500-000000002302}47007328C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.586{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.580{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.564{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.564{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.564{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.564{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 11241100x8000000000000000252509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localEXE2022-01-19 13:19:14.443{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exeC:\Temp\new\dcbbae5a1c61dbbbb7dcd6dc5dd1eb1169f5329958d38b58c3fd9384081c9b78.exe2022-01-19 13:19:14.443 10341000x8000000000000000252508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.443{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.380{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.364{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.364{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.364{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:14.364{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000252720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.995{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8CC9D8323640024C744881115A9DA306,SHA256=147320E5756DEF9532AA0A111981608CB5CD891B304B5254CA8E0D15F84DD34C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.642{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F15845B8E6437468788AD4CCE297120A,SHA256=900B972A116D14E6B8B90D84A64947DE953FB68AEFF11C8FBACFC03C51C9443E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.395{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.380{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.364{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.364{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.364{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.364{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.342{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.342{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.342{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C838-61E7-A900-000000002302}3024C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.326{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.311{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2E00-000000002302}2420C:\Windows\system32\wbem\unsecapp.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.311{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.311{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.311{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.311{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.311{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0F00-000000002302}1016C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.295{ED6274ED-0FA6-61E8-600A-000000002302}10325628C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000252645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.279{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-0FA6-61E8-600A-000000002302}1032C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000252644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DF52190B07FC32B417BC7EF58A6640A7,SHA256=B2D4956DB348E982FDBB2D87C875BF1B23A1747527D9642DFC19AFBB17B01982,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+316f1(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.264{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.258{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.258{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.258{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.258{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.258{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:15.226{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178586Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:16.070{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C468989A6AA9FB3FD179022724FA9BBB,SHA256=23ACC4AFD83060F08E8F86D4A8D293630DE443F4AF6ED3B6BD7CF6B141FF5A3A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178587Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:17.101{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2F4005F1EA2D463DA52314AFA2A2F729,SHA256=F36676109813678D99DAED3C6574EAFA955910E5EDE6502F90AC49F33ED31911,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:17.078{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:17.078{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000252722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:17.078{ED6274ED-C83C-61E7-B500-000000002302}47008104C:\Windows\Explorer.EXE{ED6274ED-0FD1-61E8-690A-000000002302}2144C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000252721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:17.010{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=91B566DF8D4D2EF07D851F7E7E96F7CD,SHA256=07DB877EBE3500F89A7FF121D5BA2FF4FCB4234FDBF4D24038AD30AEF4F71843,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178589Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:17.036{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53336-false10.0.1.12-8000- 23542300x8000000000000000178588Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:18.117{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6959BB9135E2995AEB83A06A95E21EB6,SHA256=AD6349B6B073FB75AE42EA0E14CA5EDC99DBFF9EEC45211F6767D6257523976E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:18.024{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FD492B0A2149BEDAADDE4920E181D95A,SHA256=88B67AF8E4B7381BF3EC7992EB7946EA2029F19DFF54773FB0E31FC33C1B7DDC,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000252727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:16.322{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60308-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000252726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:19.039{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C7D57E822CE5F4522C040AF0C97482A1,SHA256=E734504140112FA9C5679580DEEE6788D4578F9234DAA606305E32B4F052E13D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178590Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:19.133{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0308BC69ED20BA9BE8AA62855D05A9D9,SHA256=97300CC073C97CD8EE24B1218292F9897FA329B1601615DBDC4931D0DC1F0E2C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.438{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CDEBE95910B27CC5AE71D80FC7B3123E,SHA256=F2CE0B6FFF471F36320831BE09D5C23C5D85D78BB479F854C01BDB5043AC5632,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178591Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:20.164{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EBF25FDE85C1CB9BD6AEDAE7AAAC4B01,SHA256=2015722B26A0E5096FE0A593A5DB00FB460B3D53FAF3DB748E95E17AEFEFE23F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.307{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.275{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000252774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8F71DE80FBAD019B4711267E805CC575,SHA256=3B34273EBA4D314A6A9A4E504A15C645ECD2E5797AE30C86E098E1FC18013627,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.238{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000252728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:20.060{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C99D3BE519C6491AC0A2C1E4948F09C4,SHA256=E649E3755FB297E8C2C4465D9E2F0658E12C8A386463269CD3540E8B470E82AD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178592Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:21.242{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BE9291ED9309EC4F44361E8B518CCD4A,SHA256=8B1261C3402406F6D3FD181B452DC7BF352DB9E36BBA3B603D239BB8BE13B35F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:21.109{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=282E1E835F5C5F441249E7E4A026700E,SHA256=A039FBC5FF8DE26F596665C98E58291E2DCDD5491F68FE8FE8DC5A1245AF9B88,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178620Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FDA-61E8-1309-000000002402}3252C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178619Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178618Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178617Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178616Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178615Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178614Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178613Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178612Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178611Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178610Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-0FDA-61E8-1309-000000002402}3252C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178609Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.883{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FDA-61E8-1309-000000002402}3252C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178608Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.884{F0653C0F-0FDA-61E8-1309-000000002402}3252C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000178607Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.633{F0653C0F-0FDA-61E8-1209-000000002402}26041448C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178606Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FDA-61E8-1209-000000002402}2604C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178605Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178604Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178603Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178602Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178601Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178600Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178599Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178598Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178597Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178596Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0FDA-61E8-1209-000000002402}2604C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178595Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.383{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FDA-61E8-1209-000000002402}2604C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178594Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.384{F0653C0F-0FDA-61E8-1209-000000002402}2604C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178593Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:22.273{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C653F85CC40CDA199A77E020A24698B6,SHA256=4F9D81B81DA2AB94D71402058F8E4ECAE5C7CAEDA5A6C09057F02548C3C51CC2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:22.160{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=2A45C75207522C2D81AF8806B18210FA,SHA256=B17807F1534C0A6019A772F7838D4A59FB3B62B000DCBBBE0A007EE0D19E06C0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:22.113{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=14FBC80209A042B4DEEFFAC69EA77309,SHA256=5FE59905A5AB88E42D1059F1C3DC4B193D5C896BE50B2939F363AC1B8F2DE790,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:22.058{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=45429E12987CEEEB1BF29571D308BAAC,SHA256=1DCD0AE15691E352D79B3F974069870723AB7C2537313E36399322C11444D496,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178636Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.601{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=468021E89C9A8C56927D59BC1599B0F6,SHA256=6C79AF81134F81C1697B15447811E991514962C89A770E2D1D211CC604CF05B7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178635Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.601{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=47E8320E5A9072F2E6F859758FC688CB,SHA256=FDF0793A8531B0F27E20CEE443E236868D8766BF701E3600B73373EF4DF8DA69,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178634Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.601{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=672CBBCE7EA96A1AABDC627188CD3245,SHA256=E839C0C146AE0C4B14EE72172EAF7EA661EBA771C070F1B80921174C77A79DCC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178633Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FDB-61E8-1409-000000002402}2700C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178632Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178631Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178630Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178629Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178628Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178627Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178626Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178625Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178624Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178623Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0FDB-61E8-1409-000000002402}2700C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178622Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.554{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FDB-61E8-1409-000000002402}2700C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178621Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.555{F0653C0F-0FDB-61E8-1409-000000002402}2700C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000252852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:23.281{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=FD80879C0BB6443046C9893F310030C5,SHA256=D5F9C2739C6BBCF37B613E9D71AFCFAD0F559AC79438F1A23C3AB057F1F3938A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:23.281{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=A380BBF2E66FAC7966D271A5759F205C,SHA256=F4E312281063425A7B0C68E128BA14C93312BE9B86548CD36ED8B4E9F61CA2C9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:23.182{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-302MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:23.142{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A986477F9F2F51BD6ABA634B27948FE6,SHA256=760AD05CB792C4E527F7B990D0D3631B266A6B938B6E76812E6C1050D30392BB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178638Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:24.586{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=49A56F641806DC35668902BDA1B3B01B,SHA256=FCC05B681224B54813FDE4607223EB4C5939FE74A6B0A7825535B0E46CDB947B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178637Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:24.586{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=468021E89C9A8C56927D59BC1599B0F6,SHA256=6C79AF81134F81C1697B15447811E991514962C89A770E2D1D211CC604CF05B7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:24.184{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-303MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:24.163{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=39CF7AB99F2664DBE631A19D279061F8,SHA256=AD9D8A8EFC551B45716415A8CB39C51F0185A110A25C4B15F3A904DF794F6684,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178640Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:25.601{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=31DC74409237D26786BEE8A55CB5C6AB,SHA256=047A282329664FBAA4FE02FA8FA000711EDEFEAACE8C541B6A83ED1AAFF3771C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.596{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=74646411B73C5C54C20EBF0FBD216AC2,SHA256=2ED3ACE82CAEDA22F0E9CA3D67D3119CB3B6284DAD827D1F2320061D10320F46,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000252970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000178639Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:23.020{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53337-false10.0.1.12-8000- 10341000x8000000000000000252965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.363{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.363{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.363{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.363{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.362{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.361{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.361{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.361{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.361{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.361{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.361{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.360{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.360{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.360{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.360{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.359{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.359{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.359{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.359{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.359{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.359{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.359{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000252908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000252882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.343{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.327{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000252856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:25.180{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0B3DC22DEB51DAD68AEDA5C282EDE5F,SHA256=A9B62FDF08C74849118C0952E1E7F958D50833A62563AA1B5024952377838F7C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000252855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:22.244{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60309-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000178655Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.851{F0653C0F-0FDE-61E8-1509-000000002402}8683028C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178654Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FDE-61E8-1509-000000002402}868C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178653Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178652Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178651Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178650Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178649Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178648Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178647Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178646Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178645Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178644Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0FDE-61E8-1509-000000002402}868C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178643Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.648{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FDE-61E8-1509-000000002402}868C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178642Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.649{F0653C0F-0FDE-61E8-1509-000000002402}868C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178641Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:26.617{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3D7EDADCF754B089641EA50FD2626165,SHA256=51B840CD501AF322AD7404F749BB8F50C40EEDB53D546492ADCA02928F51469A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:26.196{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E1B728E5064024B45EEB61D97A8090DE,SHA256=674C352C03B5BE60ADD190920AAB4DC27AE35D444F088CF68E3792DDA5422F52,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178684Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FDF-61E8-1709-000000002402}932C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178683Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178682Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178681Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178680Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178679Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178678Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178677Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178676Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178675Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178674Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0FDF-61E8-1709-000000002402}932C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178673Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.851{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FDF-61E8-1709-000000002402}932C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178672Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.852{F0653C0F-0FDF-61E8-1709-000000002402}932C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178671Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.680{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=0A808C465223A2E699CF2B0857E0FABE,SHA256=BF43E8347ACC03CF02AF2647E1D10E39192654D7762F8A1A2F7C82BD0D49F675,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178670Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.664{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F30976018987698676DDCFAB56017841,SHA256=CECBFF6B2BEC8A162AF1F781A7458ACEFF63CA181E0620BE0F16C24358552B3E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178669Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.633{F0653C0F-0FDF-61E8-1609-000000002402}1116768C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000252974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:27.197{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9081DDE8C0D9DE76A3784C07E635338F,SHA256=7FF67AD9D2384A5BE9ABA17A5E7A983C71287BC2368BA3FE5296820C1D00CC60,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178668Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FDF-61E8-1609-000000002402}1116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178667Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178666Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178665Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178664Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178663Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178662Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178661Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178660Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178659Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178658Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-0FDF-61E8-1609-000000002402}1116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178657Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.322{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FDF-61E8-1609-000000002402}1116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178656Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.323{F0653C0F-0FDF-61E8-1609-000000002402}1116C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000252973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:27.181{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=D9EA204A58FDE2FBD37A65321F16C397,SHA256=962D1972E3AE6993C0AB28901CA96D3D7FBB43F791C971ACF81FDB3C5841C092,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178686Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:28.648{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B247BAB7973068FC8C53229277C8E424,SHA256=B381D16BA1F1161F7D9421B5F5055F84A05F76C11515EA8A7BB57B68B0C45D2F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000252975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:28.212{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A9A452AFDC2D604F8B7A0F898AD43B80,SHA256=1336FC012A1324424B0EFCFDB0F960CAD06E2B0749066289258E4413A3AF37BE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178685Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:27.992{F0653C0F-0FDF-61E8-1709-000000002402}9321888C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178701Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.664{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1BAD442EBCD3153A3A3612C729158EFE,SHA256=D79D7F351DB708E34B71215D06BC66D43E78449BEF8DCFE42CD5F0A54CDC64A8,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000252977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:27.331{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60310-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000252976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:29.233{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=70326377E5FCBAFAA68C338F46E89F9F,SHA256=6F6322FF5F1D2BFE35C0059A93E633916EE58865D176763FEF66ACCEE5D7CBA2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178700Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.086{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=34ECF72701AB0C9BBC9B3800646929FA,SHA256=CAA122D951160DF6CEC7E9A6209D4C834D410E0C90FA34D904BAD3D704763CC0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178699Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-0FE1-61E8-1809-000000002402}1872C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178698Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178697Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178696Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178695Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178694Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178693Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178692Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178691Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178690Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178689Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-0FE1-61E8-1809-000000002402}1872C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178688Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-0FE1-61E8-1809-000000002402}1872C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178687Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:29.008{F0653C0F-0FE1-61E8-1809-000000002402}1872C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000178703Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:28.129{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53338-false10.0.1.12-8000- 23542300x8000000000000000178702Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:30.679{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0C377F44E76758C2B7153FFBFA958210,SHA256=910EADC412B04F3396BEF25A3CF16FAD4B06F4BEE5D5150B8C99CE4C579AF413,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.689{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9EAE8DBD05297CC9A39ACDE8CD30B77E,SHA256=380448E4BC83CBD0F280E4A9194C34EB0AA0E160B3DBF7E92FF76943811DCD93,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.668{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D0912EA2CC5F2528EE2ECC6AF0E97ECE,SHA256=C46165F600F3107C98B92DADFA79E6B09F49DA56A93B2B2DD7EE2242BDAFF1F5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.374{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.371{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.371{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.371{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.371{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.371{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.371{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.371{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.370{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.369{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.369{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.369{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000252979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000252978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:30.236{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4A21B8E728FA64C6C604885683257843,SHA256=FA60976A98AB4C2A2A6D1D5B8B7036883B6BA8890B7A48B716BEA66913A468DA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178704Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:31.695{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8371136E54911C196548545B4BC5DDD3,SHA256=17B71C68C69AD204C581400665A95092D84DE60AAF9EE849A45BB2C802949D8D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:31.251{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A0B41584D07CF9884883ADFF35B80DF4,SHA256=6673DE09097878AFC39E76D3279AFB979519CA0A2D66DD6D95C0B0E2B89E68DB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178705Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:32.711{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7417112A420952AA7C177F80CD994E64,SHA256=ED9AF76B4E48DA19105C040713CCAF19A4CCC3EB30C52A8DD50E23646768270B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:32.269{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=040AEA8FCD39703CA02DB486605F5110,SHA256=F36B8CE81A96CE6EAE123D8E6F7521AE39219409042CE1589CADAD4CFC158142,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178706Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:33.726{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0563FFF1D8EA2CDBA1314078A9E94FA6,SHA256=D7FD9CC23BFA30A32DD4623AB0730097C40A0A205140DE7D49BFDF08A3D09728,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:33.288{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B1F39192C2EA4BD468C8FD651D3DBF30,SHA256=0571725ECE61B2EDE5E01DBB627D43E1EF468363FCC6CCFA6AFF0080D75B6414,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178707Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:34.742{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9D6893291AC2C65A3BFF485B9EEE541E,SHA256=56EBB76A28D158FB6ECB09F99C7467B0EC1DE1EF1C995C5521734C8F15630EBC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:34.298{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8335831229E0FDA5FEBC8588133E8545,SHA256=66476381BFB3C9CF00B94A7D43AF865974FF0391BC2726E76DF9F27E54A45F30,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178709Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:34.051{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53339-false10.0.1.12-8000- 23542300x8000000000000000178708Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:35.742{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=99E11ABFA2E187DA813E603A52B0BB50,SHA256=BE681637E9B660FA2673810D0FC3233B6F8565906B63961C9EECD345B16F5A33,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.751{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D2D17FD766A079A1B5B64685DB534480,SHA256=81F203BB03EAA2878CED55FDA1C2E000DAB768AC357E6FE3C2C029862A45F9F7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.419{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.403{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.401{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.401{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.401{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.401{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.401{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.401{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.401{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.400{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.400{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.400{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.400{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.400{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.399{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.399{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.399{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.382{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000253100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:35.319{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C7957B73956D2F98146F8738FE38DD74,SHA256=8F5792BE6433CC286E3866334F6A31980437D76536562CDA6D1D9D8453B12299,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000253099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:33.252{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60311-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000178710Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:36.758{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8787FABA726D84EAD15F7C54549C36D1,SHA256=1E5824A89637223D5B6C6912A7782898AC89488357120C837EB8521C922B9507,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:36.335{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EE4DB003A04C5189029E3CDB521E13B0,SHA256=8C9DF8E2A58E34FBE5C03D54678A2F191E3CB60C045DDE76F26BFFFFDA108F05,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178711Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:37.773{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EC68015936D6C2E242C18C1AE37583F9,SHA256=6330E54A44983174421521FA49547904BFF17194BF0CC00130B32A9F5DD87193,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:37.349{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=876F1A3480D7EE3751E576FA11880FD2,SHA256=69EF79FF32909355A9A727DFE856C5435B2AE1D3CA384F6B4933838FB55926C5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178712Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:38.789{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=96534BCC2127B1F085E3221D8549AF7D,SHA256=9F8577D68210BBC6E44BA1755D4F71698993B37A0EDFA0E1DBDCADD47F3F34D9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:38.363{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DC3F6F035A294537BD23AF7BBB35BCA7,SHA256=8C8CF64F4C5D71DF9A37CA9092EA63841DEC0366BBD843B495122BF56F77DE1A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178713Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:39.945{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2DAB6453C550A2342A645340FE33B5F2,SHA256=335BB10A63BF6C80A1EB7A96655AEF1AD510AFC49338CB103C343E54E2C0EE0E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:39.364{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4B2A6D86034DA5EA67DE9805A0F2DB92,SHA256=7B9B6D32B473E74491C059D0C72A7947E82B62384DFD51B6874E0BA125A7BD79,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.632{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=974966675CD50DB764CA69E850E49BBA,SHA256=7351966D900EDA8C1F8FA8E3EC199ABF0DEF65015EB8D98F7B4F8FCA9026A8FF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.446{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000253221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:39.182{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60312-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000253220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:40.378{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B182767EE2209BEC52B7A52109BD2A0A,SHA256=F1B9717313716EF4AF0040B42034D67A39772B9232339344F7096E53CBB40DD3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:41.396{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4E3B72E06D44D7AD6C3D4ED5DE974B38,SHA256=3D702299173A5FD0E9846951B95ED0F609639CBEF30875649E5092E3AC231B0A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178715Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:39.176{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53340-false10.0.1.12-8000- 23542300x8000000000000000178714Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:41.009{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=51A2AB10D4F3A07FB7FF0EE0D0A417A0,SHA256=A056726219F460C612BB34DCDC89411AF450A2E66B6AEB04A46CD0FC5AC4248D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:42.416{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ECA16705D10414AEDE4633EC603FEF0A,SHA256=70E945BFD43D1600FD25220417DC8F2CEB753F22DF1AB9A9FCF5B3AD34A4D749,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178716Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:42.070{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AD3AE15772AF64D89B630845F4EF98D0,SHA256=9D7D66BA1B3B2383612A151A3622B9A76EFF858F0FC1C5901A44967E08D1847E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:43.447{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A95ABE87B75FEAE9A77175DB7DE02021,SHA256=CFA6DB152291788C6754B7496BE47161A52DDC9A28A88636DFEE974AD68D3C7A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178717Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:43.086{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B9B79D84F4D79B945EC2577D976DC776,SHA256=EDEA037E0B2A28BA6469F3220AE5A6C0D9F1ED8DF75DF5B0C2FC4C3DBE5B456B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:44.462{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2C5E4065648D747518870ED3F55B6CB9,SHA256=AB6D97C3A317D3CF1C806FA1663E499442A66A1D262144089C84111522D154F0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178718Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:44.117{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5B7711DCC4FA119C97396FFAD3EDACA7,SHA256=773B6EEEAFC9D9C7FB92DED5C178E091A3662A2746475FF7A1DF9D6AAE952F72,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.876{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E7C30DDD84DC546353D0901E76DC357A,SHA256=A7A6088699535BB458BAC515873353DEC5BB782F3B19C1846C9FE6F4C70D11B8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.729{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=82A7EA6307DD0D5874D894D23AB646C7,SHA256=BE16FD1BB6E321FABF987D2D8D07F93809B48F1ADEDA0F5A2211343322676C63,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178719Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:45.195{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C4666E3419B170BFE935B040D3C132CD,SHA256=47D4A4E8663692FBDCDC730E894C011CDDAFB84C8A85AD35B3FD9E487506C33D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.545{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.530{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000253367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=90E17B66A5948CBC0CFBA5A23BC68635,SHA256=81F1A6592AE781A80F9D4DB5AA8C3A23605BB2DE484CF0870D69D24A225D691F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:45.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178720Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:46.398{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2D5014C487504068B3B3B26047EA5110,SHA256=FD78E65807A6950240C88164A11C5AF30112E294EFB286ECA6732A50A6C3586E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:46.529{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=09FFE352B7B36A71B7B7BE39D3663E12,SHA256=8E9FF2DEE7D8A9E4197BDF291AEA2A2340DBC281040E16E6DCAEE18CC61E5C77,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000253458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:44.311{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60313-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000178722Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:45.113{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53341-false10.0.1.12-8000- 23542300x8000000000000000178721Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:47.461{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=722688284910AD42ABC4EF5B42DE8491,SHA256=BA31FAE51BAE3924251A75E69A4C3D5033FA67D212B8F472FC480E033AC0AC58,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:47.544{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=48877AF0AF912EE4B77A04C2A5EC1238,SHA256=37A9516C5A7C2B0864736E64211C1A0D844D7E0A6B7A374EA79A290790B345F6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:47.175{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+6497|C:\Windows\System32\SHCORE.dll+6387|C:\Windows\System32\SHCORE.dll+62fd|C:\Windows\System32\SHCORE.dll+620a|C:\Windows\System32\SHELL32.dll+55a20|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad 10341000x8000000000000000253461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:47.175{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+1c0e5|C:\Windows\System32\SHELL32.dll+55501|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000253460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:47.175{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF11d52d8.TMPMD5=3BFEABEF62EED5634A3D9EC762FF8CF9,SHA256=8CFFE559F97E8DD9937ED59EDD9BA6381AAF578575E36594FEC60085CDEEFEF0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178723Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:48.461{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=44264A8796E4F8D83267BC22E18C83E5,SHA256=7E0AE6C09E3D3027799C648B19F9113238D07BA06F3BD745EE54482CBAF95CFE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.675{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FF4-61E8-6A0A-000000002302}7504C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.675{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.675{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.675{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.675{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0FF4-61E8-6A0A-000000002302}7504C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000253467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.675{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.675{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FF4-61E8-6A0A-000000002302}7504C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000253465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.676{ED6274ED-0FF4-61E8-6A0A-000000002302}7504C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000253464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:48.544{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E6FD03ED1190BCB37496A2355919BA03,SHA256=453D61B26850CB826DA3948EBD30E7A52A936A6BAD578A3CD170CDA526172250,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.844{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FF5-61E8-6C0A-000000002302}7824C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.844{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.844{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.844{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.844{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.844{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FF5-61E8-6C0A-000000002302}7824C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000253485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.844{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FF5-61E8-6C0A-000000002302}7824C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000253484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.846{ED6274ED-0FF5-61E8-6C0A-000000002302}7824C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000253483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.697{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=3DF10DA9E0F2CDAA6F593428EE0CBBA7,SHA256=288CA81D82A2B97E8D26ADE6176CF91D055FD94736D7CEBE36E163909EEAB029,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.696{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=FD80879C0BB6443046C9893F310030C5,SHA256=D5F9C2739C6BBCF37B613E9D71AFCFAD0F559AC79438F1A23C3AB057F1F3938A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.559{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CD754A8166EE288166C098D5E2C12826,SHA256=9803CFD96C737B75F2229F48063080E440DDAE591E36E677F7ABF94C064A4F83,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178724Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:49.492{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2F5651C32CF580F1DF179B0FDD0A9467,SHA256=277941F992542657779BB948E564B1EEF0E6C526E4D036250731D5ED74E3DA07,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.344{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FF5-61E8-6B0A-000000002302}8048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.344{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.344{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.344{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.344{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.344{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0FF5-61E8-6B0A-000000002302}8048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000253474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.344{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FF5-61E8-6B0A-000000002302}8048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000253473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:49.345{ED6274ED-0FF5-61E8-6B0A-000000002302}8048C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000253608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.987{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=03F40BD0B1B2B5AB5E545B1E16870FA8,SHA256=46946E42CFCA9B397E01E64429BD8B458994BB0909CB7A7B1AE346021C1ABC87,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.987{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=3DF10DA9E0F2CDAA6F593428EE0CBBA7,SHA256=288CA81D82A2B97E8D26ADE6176CF91D055FD94736D7CEBE36E163909EEAB029,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178725Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:50.523{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8CF7270698657DBA84A19D8C163DD825,SHA256=D2488CADABBB6AF9BFDD2FFB4743A33551F6877922AE5792A7B5F1E9B10B9E09,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.572{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.556{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.555{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.554{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.554{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.553{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.552{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.552{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.551{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.550{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.230{ED6274ED-0FF5-61E8-6C0A-000000002302}78247432C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178726Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:51.554{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9D4D000078F4F28977C0A720D0684FE7,SHA256=5A2DBD50B9F8E8F2C350A60A7B16B63EBE861F58BCB1F188AE80A9A875766A93,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:51.602{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8DCD0572E7BAD513926E10435D81CE25,SHA256=382A23BB4A34CDCF1DE4C54B00E902AC4375F9CD32755907604298653836FDAB,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000253610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:50.196{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60314-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000253609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:51.003{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=61888C14C3B9E6AA0BEF2CD85B726D05,SHA256=61EBF541C6165782F49A828838EBC1437732B1960C7E894AA18A12A0BDC46662,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178727Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:52.570{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1C4BFFA47CDDA24FCD9E693430DDB314,SHA256=8BD935CB29D895798EF563AB37CD0395C176FC1D6455F2629EC3E2E22B2FE331,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.975{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FF8-61E8-6E0A-000000002302}6980C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.975{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.975{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.975{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.975{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.975{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FF8-61E8-6E0A-000000002302}6980C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000253623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.975{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FF8-61E8-6E0A-000000002302}6980C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000253622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.976{ED6274ED-0FF8-61E8-6E0A-000000002302}6980C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000253621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.622{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=26986A24623FAF0373EAFE2299BAECFF,SHA256=BCDDF4F74D455C00BA4E96BD08D986AF213A6996EA295E25044468FDB445C51A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.591{ED6274ED-0FF8-61E8-6D0A-000000002302}52406356C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.321{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FF8-61E8-6D0A-000000002302}5240C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.305{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.305{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.305{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.305{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.305{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FF8-61E8-6D0A-000000002302}5240C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000253613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.305{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FF8-61E8-6D0A-000000002302}5240C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000253612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:52.307{ED6274ED-0FF8-61E8-6D0A-000000002302}5240C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178730Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:53.804{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4E4D929C0E122CA2A0B9B6C388F042C0,SHA256=668BB6C1F4AC149B1313F061EBDA291FD47ACB4A131A08A1ABBBA371148F84A5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.656{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3338D4427154B4009F07C517C5CAD208,SHA256=4D26DC579DC62EE433FEDF65A047F22D504F6A0D42E8C2A1E8F5855AC3E640D5,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178729Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:51.051{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53342-false10.0.1.12-8000- 23542300x8000000000000000178728Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:53.023{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 11241100x8000000000000000253635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.471{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\AlternateServices.txt2022-01-17 16:11:40.080 23542300x8000000000000000253634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.471{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\AlternateServices.txtMD5=C638018F38A4EF70A16B48BAAE21F900,SHA256=4012B4B22037B8583307BFAECAFD383DCF8445EC553F85E3CFE5BCBB7F295B3D,IMPHASH=00000000000000000000000000000000falsetrue 11241100x8000000000000000253633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.372{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\SiteSecurityServiceState.txt2022-01-17 16:11:39.965 23542300x8000000000000000253632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.372{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\SiteSecurityServiceState.txtMD5=CFD1CF8A905E8E90A559D861EBFB346B,SHA256=278A3D8D5FF80652F4E71F278BCD7699A6978C81B434DF9F1045FFA631DA5787,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.309{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=1F31374A8A8F42E8608731805E1BEE44,SHA256=921D636242AEAEA25201832C0F21B6F8528261B4A669F65756C07792D26E4432,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.271{ED6274ED-0FF8-61E8-6E0A-000000002302}69808188C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178731Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:54.914{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D1757CD6B8617ABE434C33F6C3FD3445,SHA256=F8467151B25F41BBC5729A6B2006CB4354BB956FFDDB216340E6442B8F0521CB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.791{ED6274ED-0FFA-61E8-6F0A-000000002302}77088164C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000253646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.692{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2972CC5FF5E673E7A612E173CDAD7C6E,SHA256=F800A9F7C9E46AE8ADE0530695A2572BE4EE975C2CA66285C6DC9233A5891B3F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.570{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FFA-61E8-6F0A-000000002302}7708C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.570{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.570{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-0FFA-61E8-6F0A-000000002302}7708C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000253639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.570{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FFA-61E8-6F0A-000000002302}7708C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000253638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.571{ED6274ED-0FFA-61E8-6F0A-000000002302}7708C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000253637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:54.408{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=1F56552CC37EE2BD2F886DCB75700F6C,SHA256=B48C646A677EAF2F832AC8173F41B4C7C659D443EF139A4EDF26A9DF8EF85B7B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178733Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:55.929{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E035A0293644A85ECBF7A13C4D8CA19A,SHA256=A66E14385E1BD902A17E606FDDC3497D966BB70683EC3616A8177FE0207C581E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.996{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A33EFC29F454532393800D1CB00DEF34,SHA256=58C2D34EC937800C226ED4ED8A49536CE46FC3804D088038862B1B53317E1FD1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.974{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0BC9EF746B1777A2EE1DB9CD70B1D132,SHA256=547176547D5E295AEBB16770FF0E1AECC3AFF17806AE9A72044624BEF80F4230,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178732Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:52.942{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53343-false10.0.1.12-8089- 354300x8000000000000000253768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.659{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60316-false34.117.237.239239.237.117.34.bc.googleusercontent.com443https 354300x8000000000000000253767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.658{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50541- 354300x8000000000000000253766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.655{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local49750- 354300x8000000000000000253765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.453{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60315-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000253764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:53.452{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60315-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 10341000x8000000000000000253763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.596{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.594{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000253704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=30FF48942812FC8A700224411C508BB1,SHA256=7B6AD544ADDEB4B1847F72D18C6F3512DE5A6582B60490D95DB7C3B3F83DB7A1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.593{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.592{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.592{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.592{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.592{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.592{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.592{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.591{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.591{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.591{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.591{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.591{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.591{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.591{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.590{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.590{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.590{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 23542300x8000000000000000253664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=414D9DA03FAB16142E18A2287E8E54F3,SHA256=D9756BAA232F87BC47E939DF3DA9D36892BD9BF719AD7EF44192BE7A98DD462E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.575{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000253771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:56.974{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=22AAF74C32460BC1092DC0F8A64CBC49,SHA256=C3706B311430EE6FC25C4C677C950E4A8323C0E7AF5285BEDEA3E06A21F0BF4C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178734Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:56.963{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=71F3A16F6885B9B982AE955D34ED8661,SHA256=F6DB971A04EF4FE0A2D4821C31AB95AC502BC668DE3F8AB5AB4C3E900189074E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.996{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=027723498838C8E32A77D3D7FDCC11DD,SHA256=5248962271EFE91212BCF55D7A135E63F618E6077F2A1F5DE40465B44DE14EE4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-0FFD-61E8-700A-000000002302}7580C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000253779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-0FFD-61E8-700A-000000002302}7580C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000253778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-0FFD-61E8-700A-000000002302}7580C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000253777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.644{ED6274ED-0FFD-61E8-700A-000000002302}7580C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000253776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.842{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64493- 354300x8000000000000000253775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.841{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52710- 354300x8000000000000000253774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.839{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53829- 354300x8000000000000000253773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:55.839{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local63538- 23542300x8000000000000000253772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.111{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178735Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:57.160{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-303MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178738Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:56.113{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53344-false10.0.1.12-8000- 23542300x8000000000000000178737Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:58.150{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-304MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178736Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:58.009{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EAE8CDC832A788FFD7256188AFDDAEDA,SHA256=B4B05D6B626E052FF158B7E88363D462ECE38E55C7B188C95FAA2664785F1EBA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:58.656{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=E7C0C06C05BBF8B574828ACE927ECC6A,SHA256=F5A686CDE99A3DAB5253A8C2931902E2CA47BE0992A28421E0928463EB527307,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:58.605{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Local\Mozilla\Firefox\Profiles\0pk4oq24.default-release\cache2\doomed\26652MD5=8F93DC855C5F40C01C892357690A71C0,SHA256=4188422BCD9F4821581A9B741FBAFD583C1BB205F32A9B7783EB7C0576DBB195,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000253787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:57.155{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60318-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 354300x8000000000000000253786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:56.124{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60317-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000178739Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:19:59.057{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=61A4DCA23C06FF25D1FCD7803CB4BC3E,SHA256=2682B98B44B7E903E59345D3AADECE0BF9C320E765B9B6A45FE7373D87B3C2BD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:19:59.006{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8B66546081D345A823CBA3BA4498CB8B,SHA256=F20530CD04801A322C92E94D22CD8C7F53E3BFCE01F67BD212762851F5424865,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178740Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:00.072{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=97CE33BE44EAA47494FF66D4D9E05913,SHA256=438CB4940768FA3C5AAED810010EC1A54C64BEEF75556B69A9813700FFC5575F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.839{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5D4301331E4847EF0D238BE7CBA6FE74,SHA256=B3183B172E2F6DFED0A06AEEA61321C3D455E23719DE74294F8508914B6BF71C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.707{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.706{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.706{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.706{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.706{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.706{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.705{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.704{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.704{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.704{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.704{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.703{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.703{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.703{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.703{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.687{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.671{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000253818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.640{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=70764833CF18A41E66985ED380615CB3,SHA256=03025C55153D4DD68F0A4043D97ADA9F0AD19CD33CFA024E7028A3C5CBBFC82F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.606{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.605{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.605{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.602{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.602{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000253791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:00.009{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BED5E67FEAA6AB051569661B83A00BF4,SHA256=7B6D9FE51380ADA08E574D9C5DB034786A1E3A209F720878468F417F9AADB0BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178741Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:01.119{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3AD2A382DAC6E2305349C3E50876A52A,SHA256=7A88EBCF698A880AFC58C7058FAEE42426F9B7335C340164287A75F6A33B4F3C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:01.025{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EBD623CF4F3F9C88DCBA19987613959C,SHA256=154C5E90372AAEC22A414A5E2A87E628AF4A47ACC0BC820EB16CA2085CCE4AC8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178742Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:02.150{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CDF2643328C9E0BC7C5E6D57E45956D6,SHA256=8CB61B857EFB7B7791141C2BCAEEDD38BA64A9FC4F8DE544801688629B8B417A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:02.376{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=B849D61E6FFC7033EE3476607B4B2271,SHA256=4284D8420587E52F13D74290E7C77C5D22A8B68C1DF04FFD49963A4D7BC269D3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:02.040{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=26CFBCF4C4110935C4602ACA884173A0,SHA256=4EACA224635BF81725FB3EBF54C74C0B9F904BFC4863BEB6F97A4A10307E2418,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178744Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:02.037{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53345-false10.0.1.12-8000- 23542300x8000000000000000178743Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:03.244{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A0CEDE6E244404468CB6830FED58FB54,SHA256=AED63F8017911FCE6B41BB38FB324CAC3D4380D9C695CA76031FAA73072BE6EC,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000253912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:01.221{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60319-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000253911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:03.060{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0A840A954C55DE9802AC78388AC2E281,SHA256=9C83A12C218CF98C36AC21A77AB19E23042EDDCA43FA7C36435EC603B27F7EFD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000253913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:04.065{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0B7A0DFCC607DB74200DCAC562B97974,SHA256=38CBEB835AD71112C2A45C9EDF9B9139655B8FD1FA4015EAB552235D28349B05,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178745Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:04.353{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5B81E84CAB3B9BFE25080FD871A49B9A,SHA256=64D1C48AE9CB8CBB38C57E87BAF0410442C4663C7D0275F359B8F6C5B2300497,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178746Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:05.385{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DF06293FA529D7403E1B911B64080003,SHA256=F84B10903FC69EF0C7ADEBE7C158E5667F0D7361BC62341DA904320C56AF79ED,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.775{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shmMD5=B7C14EC6110FA820CA6B65F5AEC85911,SHA256=FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.775{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shmMD5=87E23D77F4EEB5BCFE70F0E1D1CC08B1,SHA256=D319F620FD614028584C5F7BB3921A1CAD36C409760E198201935DBB16B9760F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.712{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=08F7E1CD5322E9F88244FF0A8D1C368B,SHA256=6637DD4EFC795FD505C7B63E9B970AD4251041D0F55D854C8743DCF3F3CD9CB0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000253967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000253947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6D8F38E296B534E26493C127A9AFD670,SHA256=B72D5A37F5F93ECD8B54B9E83DBA44198A8E20E994E41B7D81340F955EC2A95F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000253946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000253940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.612{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.609{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.608{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000253915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.607{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000253914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:05.076{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0D83E5BE2EEE2B9BBDE144E664A327D2,SHA256=F105F6EC5334B679C9B2105F582618058CE0C380BF93A4AC80A15D76E1870E18,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178747Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:06.464{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D875E6CA7AF4514AE2B6D3DF86DAB6C9,SHA256=23B2B3BAD673E9F0FB73575924650B89671C08219854B328C155224FEE79C6B5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:06.475{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:06.475{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:06.475{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:06.475{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:06.090{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C8516417A9E7758AC7AD2FF4A9FBC9DC,SHA256=75063154D9D4A89EA5107124629B698D0DAD70708F26DC07D4C2E1546236DADB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178748Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:07.478{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D46BC4F1D8C636803ED371B31F59DC39,SHA256=692AD399EA93424189C26CC0E14FDEDF418D148A24CECA2FE720D0EBD1A7418A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:07.092{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A19A8EB4FCA6A608CE21F8553433B2E4,SHA256=FA514DC719E5DB88EAA3DD7E26FEC31002D9FF043D1F1B2A939CD74339E61E02,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178749Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:08.541{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E26FB3CF90C026FF301713E0EC601F92,SHA256=DFD3C54C03FBF6A9B124346DF36C16EA93E85C04B05AC9167E57FE6BE35D93AA,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.911{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.910{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.910{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.909{ED6274ED-C83C-61E7-B500-000000002302}47005040C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.908{ED6274ED-C83C-61E7-B500-000000002302}47005040C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.908{ED6274ED-C83C-61E7-B500-000000002302}47005040C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.907{ED6274ED-C83C-61E7-B500-000000002302}47005040C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.899{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.885{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.885{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.885{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.885{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.885{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000254053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:07.110{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60320-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000254052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.786{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.786{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.786{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.786{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.770{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.770{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.739{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000254045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.739{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.739{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\7-Zip\7-zip.dll+545c|C:\Program Files\7-Zip\7-zip.dll+67e5|C:\Program Files\7-Zip\7-zip.dll+6fbe|C:\Program Files\7-Zip\7-zip.dll+70d9|C:\Program Files\7-Zip\7-zip.dll+8e20|C:\Program Files\7-Zip\7-zip.dll+c301|C:\Windows\System32\SHELL32.dll+80267|C:\Windows\System32\SHELL32.dll+6717e|C:\Windows\System32\SHELL32.dll+17c29c|C:\Windows\System32\SHELL32.dll+19ea38|C:\Windows\System32\SHELL32.dll+284513|C:\Windows\system32\explorerframe.dll+13cf7b|C:\Windows\system32\explorerframe.dll+139d07|C:\Windows\System32\SHELL32.dll+17c540|C:\Windows\System32\SHELL32.dll+1799be|C:\Windows\System32\SHELL32.dll+736d1|C:\Windows\System32\SHELL32.dll+765b6|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+17b15 154100x8000000000000000254040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.747{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe21.077-Zip GUI7-ZipIgor Pavlov7zg.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Temp\new\" -an -ai#7zMap21095:178:7zEvent13766C:\Windows\system32\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=300B8E1F636DCDE7269EF18600493819,SHA256=3AEF7662DCDBBC952A3ECD3677DA943EF3D4AECB5BD624625B6B176B1B5CE617,IMPHASH=C60649CDE63EC51599F93CD2D0157322{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\explorer.exeC:\Windows\Explorer.EXE /NOUACCHECK 23542300x8000000000000000254039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:08.093{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3D20D15FE6EFD0B90AD01D1BAE5629FC,SHA256=744657B023E18F15C13AF370466442449C414889B110594EC66DCEF948576D5A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178750Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:09.572{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7991A2A4B4E71E9DB80507E11264574B,SHA256=8CB2DB73D1E5D7B59576BDB3D77ADEAF4EA884F3B0DE0728AFE3FCDE6472C0C9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:09.754{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6644E6B1C4D74F717FCB6246C871C047,SHA256=58B10410CD244CF040B6BD2A6EF7CC9B5B8E3A83D0D3279E872FD72ECAE59950,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:09.754{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=B2D7B0492753F7D651AFF0DDA6024939,SHA256=DAE2BF2F96C613B62E19ED383C4C8BC546ACF0D7FC898D12CD0855A28C5B0A47,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:09.155{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BED5803F8254638532954F05B007F756,SHA256=18DEC8048675D73148C53DC080853839355E7E551EC9A9F371BEC555D4D3CA9A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:09.023{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178751Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:10.681{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=555FB1FA4A9621628816D1D0B4A47C2E,SHA256=08B19FF340249F7EEDA93DA836A303FFAF1A08599E01AB6946430C55B3458119,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.870{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5FC65FF2DFB7E569351C565659B7CAB6,SHA256=F9B81548B2B7EB909A41CDB5B50BCC03B0C075111F795505F32E84A56E6F63D9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000254101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.626{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E1F331E833680795AE0CA7F33D7D04CD,SHA256=1F8E9302E794AE8D73A24DCFA78BD40127F539BDC266889A0C7EF11A93B7BBFA,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.624{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.624{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.623{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.622{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.621{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.620{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.620{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.619{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.618{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.617{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.616{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.615{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.614{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.614{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.614{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.613{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.612{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.611{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.485{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.485{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.485{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-1008-61E8-710A-000000002302}4728C:\Program Files\7-Zip\7zG.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:10.169{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=911AC80BAE7487C35055183D2C69D2D3,SHA256=4498EC81DDFCCF2A9F8609F6AFE8A3CA63EE2554E97197C17AB11AC3E3DD037A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178753Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:11.697{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=251A1096EF618185DE5AC876F0F5660D,SHA256=3E2119ED27260C36966CC44AC617E2CBE7DD6BB69CFF26DE47ECE64B4CAD0509,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:09.267{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse52.173.17.79-62601-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local3389ms-wbt-server 23542300x8000000000000000254191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:11.186{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=145C01E34B6522423801DDE1B91AFDCC,SHA256=79C95D0BF46B308E88A22DEB350576388259439E3E6F1E2EA84B65954AD6F21E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178752Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:08.021{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53346-false10.0.1.12-8000- 23542300x8000000000000000178755Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:12.760{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1B59804BEF6BB63FE3867E6295154704,SHA256=609B74A9CC39065E4CD7E761277EAE86F5535ABEF3A66115284E3AA1DABE1285,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:12.532{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6644E6B1C4D74F717FCB6246C871C047,SHA256=58B10410CD244CF040B6BD2A6EF7CC9B5B8E3A83D0D3279E872FD72ECAE59950,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:12.223{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=123B3321058CA6EE86D095A5706E6CE6,SHA256=CF37C50485C28D200DA070EC860A0400A25FFAB35FA69C7733A91BE04F44DC79,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178754Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:10.563{F0653C0F-C6EB-61E7-1000-000000002402}940C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse52.173.17.79-63774-false10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal3389ms-wbt-server 23542300x8000000000000000178757Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:13.947{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=8C40A8D86FACF0B77FCD91F9FC5079F0,SHA256=7B263BF4D3B9026A059B4180683E996F7D902DA2D4AF172300C6620707E93A27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178756Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:13.822{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=44948323FCCDB742DF65D99B39A8F408,SHA256=58F0E7049A3FB143DEBC9D1DD9A8C617C03F8A513EC96D7E470C08C9BF95FF4C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:12.246{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60321-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000254195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:13.230{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8EE0C78CD861DFBCB7C5228080C1E204,SHA256=1564DED1D012495AD76F758E312534219235B37D891E7156559E4596F97DA91F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178760Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:14.838{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6306E08B2A4701DBF27A8250DE34EFE2,SHA256=C9704A765B83F7F8F6A6B7CB380F05E89A2970BA690EECF18A0C7B74A95E935C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:14.247{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=24896276A513BCD7BB81B4238E54ACE1,SHA256=F463606C2318FEC0D19BE7DD3E7CEC5CA80EC1AFC4E687485A2FB965BC24C744,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178759Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:14.010{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=5BB612BB0E3EBD7EDC29169A58B6A211,SHA256=0E3B3F383D77FC420C5D949A9ADB4E1390B652544846CFE6ED8CF140BDA0EA3C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178758Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:14.010{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=5047B23248EAEA8F46533428C58F8345,SHA256=9032D8231818F36FB202FB6B1047724142CCBBE0AF835E6651134A1562063E1B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178765Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:15.869{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=207751E1858A4D10817D3B0C6E0401CA,SHA256=B6569310D8B0BE9A060E781A25B2254D708333E7090436270CD750FA127923F9,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178764Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:13.178{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53347-false10.0.1.12-8000- 10341000x8000000000000000178763Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:15.260{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EB-61E7-1300-000000002402}832C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178762Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:15.260{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EB-61E7-1300-000000002402}832C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178761Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:15.260{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EB-61E7-1300-000000002402}832C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.762{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8954CD79A6A16EB49AA82B514E5A5F33,SHA256=4704FD123367E5EB1D451EBC99CA4F988AC9AF08F7312FB3EAAB60AD0316A52E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000254225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4975BB8C9E6671917FA135E48946DA92,SHA256=67E817DD42DCA036F4E7BC191BAB293A5DB100E9924B8B515C7D04301724F680,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.629{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.629{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.629{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.628{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.627{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.627{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.627{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.627{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.625{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.624{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.624{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000254198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:15.262{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FA78A8B56D9BD715745EEE2F34CFC782,SHA256=D4955F43FF2C6999BA5F0C4B19A7BEED4FBF55641199E5F8C5A9CF3FDF2360E9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178766Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:16.902{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E9EEBD1C01037F3AB4B22B0E8586A2EF,SHA256=8C6ADE76DCB5EC00D110B16E52B5840E8CFAA56A7F99DF05D0D90D012F294C91,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:16.279{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=942ED13CA64E948EB296B823F6464F4B,SHA256=C1705C89AAD9C2107C1F6B9366387FB18C2467D35BBED44CD9B48FE7B6ABDF99,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178767Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:17.932{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E6100FA8876A142D3434D908F3B783DC,SHA256=BE6C8BEB645CC096FD0274DFD0AFA641589827DA6A96BCD7336035997B1F32CD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:17.279{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EC218611D587BDAF969C8F7EF5227A50,SHA256=DA6CBC7BCF3967010A641FD836904E35C757107E32BA7054C3654C74EE708324,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178768Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:18.978{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2BC24B2E306AE3EDBBDDA1842072EB11,SHA256=E97AA91CA00AC780D80AD817CB83AA15CADEDCE8F7A95275BFEAE9C6635C3D08,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:17.313{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60322-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000254317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:18.279{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=89B97567ADFF052BD4263AD03407D18E,SHA256=203D42D403B1B3D3F6664DB3DADE68784CE429E51DE91E2A68F222CCDE3E46B2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:19.310{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FC7504CB174A36CD0D1AD06B48E2C3E3,SHA256=AB38922D5248EBFA852384815A4CDF987CE33F30F1174D0123B2EFC09C82FDD7,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178770Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:19.053{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53348-false10.0.1.12-8000- 23542300x8000000000000000178769Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:20.056{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=963C0E538DF8C1C47DB3CA3479328F0C,SHA256=4495A958FFD810F7FDFF1FAF6E8FEA9F766F76800E41219D4240C12E18811870,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.843{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6A412DDFBE13050BA3FE8ED668EA391E,SHA256=3412B258BAE70DC5EE590187CBACDEA00F94A0C0148519E6A04E3F5446E4693B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.766{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ED3715C07506019E852535E6E9A59F37,SHA256=56BCFF3A143FAC95B12ED1F4FA0A60045894715D462BFAA9D9A39F014BA09C77,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0F9F-61E8-5D0A-000000002302}8156C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.635{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.633{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.633{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.633{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.633{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.632{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.632{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.632{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.632{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.632{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.630{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.629{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 13241300x8000000000000000254325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:20:20.551{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exeHKLM\System\CurrentControlSet\Services\DFSR\Parameters\Volumes\CFE4E044-0000-0000-0000-100000000000\Volume Configuration File\\.\C:\System Volume Information\DFSR\Config\Volume_CFE4E044-0000-0000-0000-100000000000.XML 13241300x8000000000000000254324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:20:20.535{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exeHKLM\System\CurrentControlSet\Services\DFSR\Parameters\Replication Groups\62A1E1BE-B454-40C9-A5C2-BE9F158605C7\Config SourceDWORD (0x00000001) 13241300x8000000000000000254323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:20:20.535{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exeHKLM\System\CurrentControlSet\Services\DFSR\Parameters\Replication Groups\62A1E1BE-B454-40C9-A5C2-BE9F158605C7\Replica Set Configuration File\\?\C:\System Volume Information\DFSR\Config\Replica_62A1E1BE-B454-40C9-A5C2-BE9F158605C7.XML 10341000x8000000000000000254322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.513{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.513{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.313{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5E475D465192027EB3938FC42D1C1CA9,SHA256=1D6153246FC74EADA812C471A49F5EE4238F83611E4E0A30422EBBD19B114D15,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178771Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:21.197{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A2EBA2EDE54817A7C0ABDD6AF81F2D3C,SHA256=2295B70D64184F8EB996A789239606945733E95779529D95F2BD47B3BBB464FD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:21.382{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:21.382{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:21.382{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:21.335{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=472B268DC39753425E3FF4131474B2AA,SHA256=195DA7FCCAC0B984638E9BE5DD08060ECA88C8A16B0F945DA696B3A5E637D75B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:21.446{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60324-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000254467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:21.446{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\System32\dfsrs.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60324-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 10341000x8000000000000000254466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.597{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\ole32.dll+8a12e|C:\Windows\System32\ole32.dll+89a2b|C:\Windows\System32\ole32.dll+88be7|C:\Windows\System32\ole32.dll+8c817|C:\Windows\System32\SHELL32.dll+2c8e0d|C:\Windows\System32\SHELL32.dll+2838ce|C:\Windows\system32\explorerframe.dll+b29b9|C:\Windows\system32\DUI70.dll+48b9d|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+9f5a|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58770|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+4f50e|C:\Windows\system32\explorerframe.dll+4d2f6|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+1aced|C:\Windows\system32\explorerframe.dll+1ac26|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9 10341000x8000000000000000254465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.597{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\ole32.dll+b5f02|C:\Windows\System32\ole32.dll+899f9|C:\Windows\System32\ole32.dll+88be7|C:\Windows\System32\ole32.dll+8c817|C:\Windows\System32\SHELL32.dll+2c8e0d|C:\Windows\System32\SHELL32.dll+2838ce|C:\Windows\system32\explorerframe.dll+b29b9|C:\Windows\system32\DUI70.dll+48b9d|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+9f5a|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58770|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+4f50e|C:\Windows\system32\explorerframe.dll+4d2f6|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+1aced|C:\Windows\system32\explorerframe.dll+1ac26|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9 23542300x8000000000000000254464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.397{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D68C940AB1AF5043942607BDE198C39E,SHA256=DC5B81E9D20F5519524089666BEF9D20E8DA17B20C53F5A36540E8B484772F98,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.397{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.397{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.397{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=34921AF2C580C30C43AD2C05FE37FCBA,SHA256=A0EF6EF988FAF2E5053422B975184DD12B60A4D064EE1ACEF4AE972A3BE9822D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.366{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D21EE6691D2C833A9659E4E2C67B7428,SHA256=86C950DAFD2F60EC10B66C56B30AC96C7626790FAD5F8AEF5A13468504DB11B7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178799Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1016-61E8-1A09-000000002402}3652C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178798Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178797Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178796Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178795Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178794Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178793Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178792Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178791Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178790Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178789Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1016-61E8-1A09-000000002402}3652C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178788Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.963{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1016-61E8-1A09-000000002402}3652C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178787Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.964{F0653C0F-1016-61E8-1A09-000000002402}3652C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000178786Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.447{F0653C0F-1016-61E8-1909-000000002402}30522856C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178785Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1016-61E8-1909-000000002402}3052C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178784Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178783Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178782Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178781Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178780Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178779Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178778Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178777Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178776Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178775Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1016-61E8-1909-000000002402}3052C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178774Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.291{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1016-61E8-1909-000000002402}3052C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178773Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.292{F0653C0F-1016-61E8-1909-000000002402}3052C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178772Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:22.197{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F90E710C337D725EE266B2D99219959A,SHA256=DA74DD83DBEDAE59D1D84A79DC38728EB9CF52F6F1B583C5867668E5168F3990,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.335{ED6274ED-C83C-61E7-B500-000000002302}47005776C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\ole32.dll+8a220|C:\Windows\System32\ole32.dll+8c32e|C:\Windows\System32\ole32.dll+8c7fb|C:\Windows\System32\SHELL32.dll+2c8e0d|C:\Windows\System32\SHELL32.dll+2838ce|C:\Windows\system32\explorerframe.dll+b29b9|C:\Windows\system32\DUI70.dll+48b9d|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\System32\DUser.dll+9f5a|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11d7b|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58770|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+4f50e|C:\Windows\system32\explorerframe.dll+4d2f6|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+58547|C:\Windows\system32\explorerframe.dll+1aced|C:\Windows\system32\explorerframe.dll+1ac26|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+587c9|C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.4169_none_7de0bbf28341b1f2\comctl32.dll+5888a 10341000x8000000000000000254458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.281{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-1016-61E8-720A-000000002302}7580C:\Windows\system32\DllHost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.281{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-1016-61E8-720A-000000002302}7580C:\Windows\system32\DllHost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.281{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-1016-61E8-720A-000000002302}7580C:\Windows\system32\DllHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.266{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-1016-61E8-720A-000000002302}7580C:\Windows\system32\DllHost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000254454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.266{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1016-61E8-720A-000000002302}7580C:\Windows\system32\DllHost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000254453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.266{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-1016-61E8-720A-000000002302}7580C:\Windows\system32\DllHost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|c:\windows\system32\rpcss.dll+366d9|c:\windows\system32\rpcss.dll+3bec2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.213{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.213{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.213{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000254449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.584{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60323-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local135epmap 354300x8000000000000000254448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:20.584{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\System32\dfsrs.exeNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60323-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local135epmap 23542300x8000000000000000254447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.066{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=04ACA49C2ECC5CB19D49A10D7571B7FB,SHA256=7B71FF48B51C185FF1BB1077E7E179F2E880B1A21335786F530011780EB0CABE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.497{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.497{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.497{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.481{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.481{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.481{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.481{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.397{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3B475A9DB5F17B81EC9D4C2BC412EC21,SHA256=75C2526973C44A55DE165A8814EA79B128BC5B11CA6BF3CD475B6D0679DAD9E0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178815Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1017-61E8-1B09-000000002402}3100C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178814Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178813Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178812Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178811Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178810Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178809Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178808Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178807Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178806Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178805Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1017-61E8-1B09-000000002402}3100C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178804Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1017-61E8-1B09-000000002402}3100C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178803Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.635{F0653C0F-1017-61E8-1B09-000000002402}3100C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178802Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.447{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=214A6532C68709DC6332F5AE36F69184,SHA256=34889D65637EF1E2F4B86B48F81CB1B9C293D15ECED90A50CB7C379E14F8A698,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178801Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.447{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=5BB612BB0E3EBD7EDC29169A58B6A211,SHA256=0E3B3F383D77FC420C5D949A9ADB4E1390B652544846CFE6ED8CF140BDA0EA3C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178800Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:23.338{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=433CA82C48D5F0A1F14706589ADD1C88,SHA256=CF906690D4B1DCA75709E1A713CA6181F44BC236BB06981717A45805C3B40129,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.277{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60325-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000254469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:22.277{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\System32\dfsrs.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60325-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 23542300x8000000000000000178817Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:24.681{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=214A6532C68709DC6332F5AE36F69184,SHA256=34889D65637EF1E2F4B86B48F81CB1B9C293D15ECED90A50CB7C379E14F8A698,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178816Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:24.400{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A86A76A36F8A94AE66109C3196146CC6,SHA256=56AC54A228353A276726AB4A15E676F5206F28F56DEE80F727E0032979F9E766,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:24.980{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=EAACBF712797FA7952357F2775FE8DEE,SHA256=C15FFC79A0C792E99A8D29DF9B21F3CB35FA2C3467689C47234A538DEF188C2A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:24.980{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=546BF8B0AF50B1F76A225DB316CC4C62,SHA256=E55FA8C78D39DAEAD0A7D2348FB916011F719394368E6BEF6F753AB99236444C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:23.190{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60326-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000254480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:24.707{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-303MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:24.410{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=92D562A74E888DFB5B034511E9CF6A3C,SHA256=427062BDE7E1C0CA170A0BDFA1289CF88046593C5A2496E4E39B08E6AD855F86,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.842{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.842{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.716{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EC51E9E1CE9BAF0EDBDA7751E7FE1D06,SHA256=E55498C2970CF74BC404B97AF70A6F4229461F91513B97A785D1466A95398072,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.712{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-304MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.663{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9228D7ABFD709A077C464613128C74EE,SHA256=0713EC57AFD8B01E7E34A81EDFAD31B2B3248323ACEE9B38FAE73660442D4682,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1016-61E8-720A-000000002302}7580C:\Windows\system32\DllHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178818Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:25.416{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=362299008CF86B5CCB4CDF7F4ED1CBAA,SHA256=BD8F9D02044A9727DA90288AA73B400B81E0E52D427096365D49F722FF6EB883,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000254484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:25.442{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F468B6AF30D22E3CA91A3DF7EAD49A25,SHA256=0D5C7801A8C4DD7CB130D935C2E6F59600F1BD35BAE9FDB527BBD00E5A4A1D98,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:26.462{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B34A8187D22F8F4A039AEFA277A61A58,SHA256=1AB65852D1F5305CBA81F9C5C904AB3DA0F2F27DEF0AF85D12159AC2207719CC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178834Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.885{F0653C0F-101A-61E8-1C09-000000002402}2580960C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178833Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-101A-61E8-1C09-000000002402}2580C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178832Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178831Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178830Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178829Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178828Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178827Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178826Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178825Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178824Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178823Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-101A-61E8-1C09-000000002402}2580C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178822Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.666{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-101A-61E8-1C09-000000002402}2580C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178821Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.667{F0653C0F-101A-61E8-1C09-000000002402}2580C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178820Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:26.431{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8B7F33E2C44386A895C3BBE702865783,SHA256=C4FD29D414BDA90E0A2178E0DA762F96E2C31AC7A1AF79CBC25DC513055E38BE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:26.126{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:26.126{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:26.111{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:26.111{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000178819Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:24.177{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53349-false10.0.1.12-8000- 23542300x8000000000000000254609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:27.480{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=92CCF0D6974FF7C530678F005C1C86B0,SHA256=320C0E13573F5D2819C0B672B72445EE67B46B8A66208853B88F1A45C745943C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178864Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.885{F0653C0F-101B-61E8-1E09-000000002402}35761648C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178863Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-101B-61E8-1E09-000000002402}3576C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178862Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178861Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178860Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178859Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178858Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178857Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178856Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178855Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178854Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178853Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-101B-61E8-1E09-000000002402}3576C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178852Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.713{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-101B-61E8-1E09-000000002402}3576C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178851Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.714{F0653C0F-101B-61E8-1E09-000000002402}3576C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178850Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.697{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=4DF36BB53B4C324579AA75A7CE9451AE,SHA256=D2A91EA0ACA949ADA3DB70BC4C976F967AD49B4490858864355C9BC8E84E3D11,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178849Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.619{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FAFDAE0ED62ACF2214E165EA25DA7CC6,SHA256=4D449DF9B4DD7807067D1D16E08CDA3CA102C42D151DF377E014607330B8DE05,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178848Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.322{F0653C0F-101B-61E8-1D09-000000002402}37802832C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178847Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-101B-61E8-1D09-000000002402}3780C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178846Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178845Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178844Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178843Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178842Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178841Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178840Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178839Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178838Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178837Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-101B-61E8-1D09-000000002402}3780C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178836Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.166{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-101B-61E8-1D09-000000002402}3780C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178835Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:27.167{F0653C0F-101B-61E8-1D09-000000002402}3780C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000254610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:28.489{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=83D56A8B64B2D7C1EB335C49EEBB7A8A,SHA256=93D6A947D41971FA094BE596602A9DAEF6294E2E6ED1C230C3B8EF36B4568F2A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178866Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:28.728{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=38C8533D54A6B96E10CCF846956E934C,SHA256=C8193AD830A4F2F98AD7F613D7D81CD26FEA0A9C15ECC8AF06AF445694D77588,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178865Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:28.697{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AF44A423270B2B5944421D97649FD980,SHA256=E8E84FCD1025C34CCD0839E50B678C2A2BF8072C3EDC7CBEDADAF8661D3513C4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178880Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.713{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=38E1EEE51851D75FA0443523EE732073,SHA256=AB0D53E1C1A9C8A10BB90606B3264AC4B57EC718B12FAD36CF79812C5B50BBE2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:29.914{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:29.914{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:29.502{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=66D9BA603A851FF7789C40A55679AA85,SHA256=732160A60FFCC4CDC3E426F907C558FB6273E31D4AF16D8E6969D11EC5E047A9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178879Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-101D-61E8-1F09-000000002402}740C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178878Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178877Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178876Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178875Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178874Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178873Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178872Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178871Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178870Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178869Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-101D-61E8-1F09-000000002402}740C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178868Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-101D-61E8-1F09-000000002402}740C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178867Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:29.010{F0653C0F-101D-61E8-1F09-000000002402}740C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178882Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:30.775{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=956400BE334542D0DB1F3BC29EA75612,SHA256=AFDEB9300EE3CB8C289CE08AD492C98C429876C06C2315451C5E828B44654EE7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.731{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=663C0ABE026A0EA7F02B749B7B87C5BE,SHA256=74A2535329580CA7C366A1D1C33356473ED961DE16DE794E28699DB9E08FF728,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178881Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:30.010{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=DF143B428964D58A2F365A2136A8BCB5,SHA256=C79B1C14B4C02FA1C12277A8A6DCA4B6FDE1D3B65EA4B1D287962C4A5FAFFD5B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000254663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8F089916F252BEC4F7953FEF691BA20,SHA256=82E73D1318D43050ECA78B4F6FEE586906C1DD10B4EB1B09387413097BBC4F7C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.653{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.651{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.650{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.650{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.631{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000254615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:30.516{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1CC0963D1C3CB16ED6961121FBC3F514,SHA256=376E9DA6562D501ED217ADA9EE46D817DB1BF48DC43BF4E33C029F77077B0440,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:28.306{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60327-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000254731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:31.531{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=499F25596032FF2B8EC011B19AF6E296,SHA256=529D90AE1CA826CDF16D9CF86258F78107B75C8213E93D8743EA939E14203FF2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178883Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:31.791{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0160061148CABEDF1E5A21894C678726,SHA256=6744C01B1ECE4622EE64CF4C945338C6B10F244CBC97DBE4BEE9EE6A43EA3C50,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178885Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:32.806{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B13BC64051E63893FA3E22F17C4A5AC4,SHA256=7F57FF91B8986F69BCA26625338BF5B11C1A861FB44A92C075636CF6B6BB10FA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:32.548{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5513FC9658FC9516BF06EBDF682B6673,SHA256=423AE8E45165388B1E3120095B1B5F7BABF3207BDDBBE25A448B9270EB000E40,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178884Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:30.068{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53350-false10.0.1.12-8000- 23542300x8000000000000000178886Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:33.932{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DFD7D1A47F6AD9175E8C717559CBCFBD,SHA256=A8EF26A67C40EE7406284235BED5DE88CE0A26F821AF0B14D9502D6FA26F551E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:33.682{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:33.682{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:33.566{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7411032E2521AE1348EBE30FCF2A415D,SHA256=DB500DC47D00F77B51511DAF91FB145EE4078A1743D8E894A4288FC92B2EBD3D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178887Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:34.947{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8F537AABE61EC2B8FE7463F7C9AD75B0,SHA256=381824882AFB569BBF08A3698A189F492C866268A6B62CEF3FAFBF034A1FA9D0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:34.581{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C2F2E4CCB5C2131E617A6626DC5138BC,SHA256=BEE40858D59990AE2BF0E5993DBCDAA04BF45DDC5EC2A88AA0487288161F21B2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:33.997{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\permissions.sqlite-journalMD5=4CE9D97710681A3394FE378434CD66CD,SHA256=0646D6F872231D183782843DEFB8C49DDDE027C23F1ED505E22858449FD6882B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178888Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:35.978{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6AEF133FFBF3DFE4A44E442C86656AED,SHA256=71F5549EEB331E62C5410458F49208FEDE3E65AD06D135EF2E033060B1EF8A45,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.864{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BF5ECA841BB7E19FCF0474699ACE0F4A,SHA256=3729D7116DA8E7C8F9018D618E2A13895549AD4185FE219D46940FA118B61F10,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.696{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.680{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.649{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.645{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.644{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.644{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.644{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.643{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.643{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.643{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.643{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000254797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.611{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=735D9AC11EFD90A37B1BA523B6AAEDD5,SHA256=CC75922A960646C10241819ADDCC4EE74224F35668082EB485F3480CB8BB4A8E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.311{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A676544BEF3D28BD2CE26BC125347F15,SHA256=B6D54AECB449DA60E599FF340FCAF4EAA67AAE1335A9A7B27164E1EE0F1CD81E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:35.027{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:36.626{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B74C38F03CEE2A922922D2588DBEFACD,SHA256=D76BE6E14D3C7F34FF239F6575B6CC732DB9F4816DA19B71FCF7206BEB4FFD1F,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000254914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:34.246{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60328-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000254913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:36.046{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:36.046{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:37.636{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8280BEEDFAB1CEFFCE4ACBADAF4C672A,SHA256=386C1F26BC355E5CA117618A6E3B16DAE8A1F093D19ED8279BC62F3E806C7594,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178889Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:37.072{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A09BEB1A9323C200FC422A03DC481E6F,SHA256=E5EC7B2EA129C24AD5AD6DE183514D9AB4EDE97A9210C9120B2FDF2F1B7933DE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000254918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:37.195{ED6274ED-C83C-61E7-B500-000000002302}47008076C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:37.178{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000254916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:37.178{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000254920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:38.646{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0907F441CEA4AA06F3327194A89208C1,SHA256=59D27A9E5FD7B11CAF3CD8E687FF1E576FA5561F5A6A3AF8E1EF836A359CCFBC,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178891Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:35.177{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53351-false10.0.1.12-8000- 23542300x8000000000000000178890Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:38.105{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AB94344B3D8191DC614DF551A3D7E826,SHA256=0DEF8FCC7784B51DC1FD41AAFF1F10614E708A09E3325A5D8602DEF07D7F23DA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000254921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:39.667{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9E1414D44588A5D88D68F861ED407A5E,SHA256=53855DF2F753A1A6BE5112B3D8FFE5E7A761CA40984462D06663960224723648,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178892Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:39.197{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7AC41A68E73147FEA48448D3AE7D0BBA,SHA256=26BDB71FCDAE3BFCE92B66E21A26FFDC66855679052CA65883F231A7F37A343B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178893Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:40.228{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B0C9681EC985F446ADD737B8C0252EC8,SHA256=E36FA0209E4311308F820E031EE70893765E215567D3DA23F6EB5EDFEFA25579,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.662{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.661{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=46C18A5E0BA0BDCBBEF764744C124232,SHA256=95654CB781E47171949659C5F2424B0C3731DF1AE63A4D7F249374D4B66CFC18,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.660{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.659{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000254973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.658{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.657{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.655{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000254947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.648{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.648{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.647{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.647{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.647{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.647{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.647{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.647{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.646{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.645{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.645{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.645{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.645{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.645{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.645{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.644{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.644{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.644{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.643{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000254922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:40.643{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178894Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:41.291{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2C4E1C426A1EB0813C8C58557BB0B504,SHA256=32C1E5BBDEF1AB9AD8ED3330B831CFCB13E40677871B6F0BA78AE4BA526BF0C8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:41.524{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:41.523{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:41.523{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000255037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:39.260{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60329-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000255036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:41.096{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=171DD9D9E14CF15B014FC4EDEFFB3D4F,SHA256=E5EB13A0E5BEF0EB99D9CCED8104693F2F3619AC5491405814207E9B2958A72C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178896Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:41.083{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53352-false10.0.1.12-8000- 23542300x8000000000000000178895Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:42.416{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B3A5A44E83D5544414761F093A940011,SHA256=8EBD6EC284953AAC13D1B45EFE1AFD2250BA4CAF85AFF000691F49F8BC6AD612,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:42.130{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8D71607C2F51A646E3567CE3E821645D,SHA256=5FCECFFACC3E86ED294F843FD12FBB84E73448F265408C1EF61455D5DEE3C9F9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178897Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:43.541{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=18313CD3A4F168493D88C12D87E6B123,SHA256=DA82E13BBE8075F0127908A86A20B68420AD5D123AF8735E8727EF32D3ACAC5E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:43.135{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D0B01960D823309772BEB36482BFAF47,SHA256=29815792D72FAE197495B7167F0F2D32FC50CAB12DABFD6CA42563072C792324,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178898Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:44.588{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4D566F5447FC1C35989F46032810CDBA,SHA256=2E18D5CAED5648B9991A06994F4F4FDFFA354959209C86596065D88F2D19E70E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:44.140{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A02CE31318392770C48219E4981FDD14,SHA256=4AFD644F08CF52D8C1C6006C0F522A44355CD337F462EDB324E038E8231FFBE3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178899Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:45.603{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=49B87D941644CD2E940D28553DB8419D,SHA256=983E62014DC59868D2FE5BBE201D55A708C5C1EC17AE07E344244DA0CC3861B3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.747{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.745{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.745{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.743{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.743{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.736{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.735{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.735{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.729{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.729{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.728{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.727{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.724{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.724{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.724{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.724{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.724{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.723{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.722{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.722{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.721{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.721{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.721{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.721{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.715{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.715{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.714{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.711{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.711{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.711{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.711{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.711{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.711{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.711{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.709{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.709{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.709{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.709{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.709{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.709{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.704{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.704{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.704{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.699{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.699{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.699{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.699{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.699{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.695{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.695{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.695{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.694{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.694{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.694{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.693{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.691{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.690{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.690{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.690{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.690{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.690{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.689{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.677{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.677{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.677{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.677{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.675{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.675{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.675{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.674{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.670{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.669{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.668{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.667{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.666{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.665{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.665{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.664{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.663{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.369{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=3324A2585C88DCB9166B76B84B8203A3,SHA256=5B39EBF0532EB317A9294A3D81B506DCF6A3F1493651439C91FFA4C8FBDCF8AC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.152{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3827F068FAFA8DFBC0E70711B6C8FB0D,SHA256=8A0711FCAEBC7A60234541F4FF45B6CF6423ED672B439212083CC4C221A2FBAD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178900Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:46.635{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B9AF20BF37040FDF28793FA78E4457D6,SHA256=EDA6D7A503BE046A3BD70F3EA814192C42EE059A2316E301A33F282433BA0FEC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:46.226{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=08078B181E6F1163294F73465A6EFB3D,SHA256=E7B541CB20F5BB2F7EFCEFE4214E363595A943EE55B60C4AAFD2FD69CBA2E98E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:46.224{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DD8CC86A71D60844C45DA4323CDD6E70,SHA256=9B1524AD56DD2B44338E37E0E0D5BCFF39664E8C8E51DBBC40D515D2E5C8909C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:46.201{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=74DBE4C8150995043F9D57822D766B29,SHA256=648E0214C0DC0170C39931C8FDD15F7D3B9A0608B64EAE4FFCBF4E50F99F64B2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178901Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:47.650{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D1B7B861EBFA6BCF3F18A8391192D5F1,SHA256=DFB2F084FFE1CC59984F35C47BB22D91380491E9A0FD5075994F93E275B8A0B8,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000255163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:45.242{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60330-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000255162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:47.213{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D0EE3877371E976098649030B2CBC38D,SHA256=8C86F97753F1F4725CC0DF5AF4405DCC7C258609AEFACBEAF2CC1204D49278B6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178902Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:48.681{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=861F8AB8B5E045CFAC8C7767BE6A2C3A,SHA256=E9D36177C1EFCAE030C8034EC40A8E34F6E278CE6B851A50CB82F9040A37ED9D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.895{ED6274ED-1030-61E8-730A-000000002302}74486308C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.674{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1030-61E8-730A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.672{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.671{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.671{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.671{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.671{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-1030-61E8-730A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.671{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1030-61E8-730A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.670{ED6274ED-1030-61E8-730A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000255164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:48.220{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F9406D9A807D29E6BC194F9BDEC18DBC,SHA256=AC685616A3B5C0522F984F507679E415F6C3DE21C31C4C0920C56B6AEE968D8C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178904Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:49.728{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3A091052E2ED210660590EFDC44AE852,SHA256=621B7D7D9AFAA5860DBC6B65C82376D4486A4CC41B3AAAA4CC236399E787286A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.802{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1031-61E8-750A-000000002302}7660C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.800{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.800{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.800{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.800{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.800{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-1031-61E8-750A-000000002302}7660C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.799{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1031-61E8-750A-000000002302}7660C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.798{ED6274ED-1031-61E8-750A-000000002302}7660C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000255186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.679{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=727543A1B0FC621FF703D963753DBE79,SHA256=739F73EC4D125893454E52AB9F2A1715A96CE702EFD27C20DDDA93D29ED30FF3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.677{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D68C940AB1AF5043942607BDE198C39E,SHA256=DC5B81E9D20F5519524089666BEF9D20E8DA17B20C53F5A36540E8B484772F98,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.454{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\TransportSecurity~RF11e4622.TMPMD5=CB07533FD74A8D792CCBD128F5B33906,SHA256=8D9FBFFE43510379B3C9A0EA14D18E79891EE78660F01994C61698C5D8E96753,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000255183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:20:49.453{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\00ebcbe4-1d81-4734-b996-57fec77a16be.tmp2022-01-19 13:09:50.0402022-01-19 13:20:49.434 10341000x8000000000000000255182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.286{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1031-61E8-740A-000000002302}4212C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.284{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.284{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.283{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-1031-61E8-740A-000000002302}4212C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.283{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.283{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.283{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1031-61E8-740A-000000002302}4212C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.281{ED6274ED-1031-61E8-740A-000000002302}4212C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000255174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:49.238{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=075982A5DA3944FADB6D4D4ED34C110F,SHA256=4CA6E4F415755EE2DE7A32FB74439EDFD5FE40EA2DEE7906FD9674B510A17595,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178903Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:47.036{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53353-false10.0.1.12-8000- 23542300x8000000000000000178905Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:50.760{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0CEB0D384D301352038B8A32925F197,SHA256=85C3040DA8DD5581146F4A149786AE0FD5DDB4AEA650E7198CB0B5E303A616F6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.840{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F362DFA819835DA9851D23B2D08E603A,SHA256=08D4A2441DBB3F66363BFA01928915AE0ECADE24F5E57F49B13FFE03C6BEEA87,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.812{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=727543A1B0FC621FF703D963753DBE79,SHA256=739F73EC4D125893454E52AB9F2A1715A96CE702EFD27C20DDDA93D29ED30FF3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.766{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.765{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.764{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.763{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F9ECA49831C6BBEB56AF44823BB926E7,SHA256=BC27B96597EB479744EBBB5F59C04FBBCCB9E5B111A2C1A2C20B0599B1773020,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.762{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.761{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.760{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.759{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.752{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.751{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.751{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.751{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.751{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.751{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.751{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.751{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.750{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.750{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.750{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.750{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.750{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.750{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.750{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.749{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.749{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.749{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.749{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.749{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.749{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.749{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.748{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.748{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.748{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.748{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:50.250{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=80CBA7B90DDFE720D50999783D62D77D,SHA256=53468D7D1AFDE97928CBD95AC01B4D844DC9A576C7106E6EC2F47AFCED18FCAA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178906Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:51.775{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E0A1359CD5E63233DD7CBDC95B97B4A3,SHA256=D9C4FA376578F4CA426CFC439B1AA6C77FB179B48612CDDD9307481982E1A6D5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:51.288{ED6274ED-C6F3-61E7-1200-000000002302}4201568C:\Windows\system32\svchost.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6cd4|c:\windows\system32\fntcache.dll+17a6f|c:\windows\system32\fntcache.dll+1a637|c:\windows\system32\fntcache.dll+1aa6c|c:\windows\system32\fntcache.dll+501de|c:\windows\system32\fntcache.dll+4fee2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000255312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:51.260{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=19C90371BA9184584749D2F3FF5F8B89,SHA256=6D2452D2B78A2640B9C4ACC14E557A0B6CEDC029309A22CB58C8FE19B3F84419,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178907Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:52.791{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C355AF23F84B00B849625EB6F8E8A28C,SHA256=45356C7FAE1F71DE423DA57B12972F39EB6B2D8F9E9B9B2788EC5AEFCBD4841B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.965{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1034-61E8-790A-000000002302}7704C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.962{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.962{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.962{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-1034-61E8-790A-000000002302}7704C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.962{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.962{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.961{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1034-61E8-790A-000000002302}7704C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.960{ED6274ED-1034-61E8-790A-000000002302}7704C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000255349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.902{ED6274ED-C83C-61E7-B500-000000002302}47004788C:\Windows\Explorer.EXE{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.901{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.895{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.891{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.890{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.890{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.650{ED6274ED-0D99-61E8-050A-000000002302}77647064C:\Program Files\Internet Explorer\iexplore.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\SYSTEM32\iertutil.dll+36ee1|C:\Windows\SYSTEM32\iertutil.dll+36a90|C:\Windows\SYSTEM32\iertutil.dll+34cbc|C:\Windows\SYSTEM32\iertutil.dll+3506f|C:\Windows\SYSTEM32\iertutil.dll+48188|C:\Windows\SYSTEM32\IEFRAME.dll+2bab02|C:\Windows\SYSTEM32\IEFRAME.dll+f194d|C:\Windows\SYSTEM32\IEFRAME.dll+f2bc8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.648{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.646{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.646{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.645{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.645{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.644{ED6274ED-0D99-61E8-050A-000000002302}77647064C:\Program Files\Internet Explorer\iexplore.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|C:\Windows\SYSTEM32\iertutil.dll+2702c|C:\Windows\SYSTEM32\iertutil.dll+28123|C:\Windows\SYSTEM32\iertutil.dll+36a21|C:\Windows\SYSTEM32\iertutil.dll+34cbc|C:\Windows\SYSTEM32\iertutil.dll+3506f|C:\Windows\SYSTEM32\iertutil.dll+48188|C:\Windows\SYSTEM32\IEFRAME.dll+2bab02|C:\Windows\SYSTEM32\IEFRAME.dll+f194d|C:\Windows\SYSTEM32\IEFRAME.dll+f2bc8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.637{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\iexplore.exe11.00.14393.2007 (rs1_release.171231-1800)Internet ExplorerInternet ExplorerMicrosoft CorporationIEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7764 CREDAT:82947 /prefetch:2C:\Users\Administrator\Desktop\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=7D930D55986DF5C69CF1A9C2DE7E33B3,SHA256=BEBB0D2229700C6A62B7811985061DC75F6279AB0FF8747C47CCADB6CC2CC462,IMPHASH=E7542C041AAD637F8E6918BBE235A488{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" https://discordapp.com/handoff?rpc=6463&key=7f2da19a-c91d-4e45-afc4-17dee9c76318 10341000x8000000000000000255335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.637{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.631{ED6274ED-1034-61E8-770A-000000002302}46324728C:\Program Files\Internet Explorer\iexplore.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\SYSTEM32\IEFRAME.dll+1ed4d|C:\Windows\SYSTEM32\IEFRAME.dll+1eccb|C:\Windows\SYSTEM32\IEFRAME.dll+1ec45|C:\Windows\SYSTEM32\IEFRAME.dll+1f6e2|C:\Windows\SYSTEM32\IEFRAME.dll+2a7bc0|C:\Windows\SYSTEM32\IEFRAME.dll+1529c4|C:\Windows\SYSTEM32\IEFRAME.dll+20d2d|C:\Windows\SYSTEM32\IEFRAME.dll+152a4f|C:\Program Files\Internet Explorer\iexplore.exe+14e9|C:\Program Files\Internet Explorer\iexplore.exe+1d77|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.615{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-770A-000000002302}4632C:\Program Files\Internet Explorer\iexplore.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.614{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-770A-000000002302}4632C:\Program Files\Internet Explorer\iexplore.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.534{ED6274ED-1034-61E8-760A-000000002302}79001580C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.434{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-1034-61E8-770A-000000002302}4632C:\Program Files\Internet Explorer\iexplore.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.434{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.434{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.434{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.433{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.432{ED6274ED-0D90-61E8-F109-000000002302}70007908C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-770A-000000002302}4632C:\Program Files\Internet Explorer\iexplore.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+d7f5c(wow64)|C:\Windows\System32\windows.storage.dll+12427f(wow64)|C:\Windows\System32\windows.storage.dll+123f9f(wow64)|C:\Windows\System32\windows.storage.dll+123ce7(wow64)|C:\Windows\System32\windows.storage.dll+124cd5(wow64)|C:\Windows\System32\windows.storage.dll+123b11(wow64)|C:\Windows\System32\windows.storage.dll+125eea(wow64)|C:\Windows\System32\windows.storage.dll+1262f7(wow64)|C:\Windows\System32\windows.storage.dll+125915(wow64)|C:\Windows\System32\SHELL32.dll+1711b4(wow64)|C:\Windows\System32\SHELL32.dll+17108e(wow64)|C:\Windows\System32\SHELL32.dll+1ae43a(wow64)|C:\Windows\System32\shcore.dll+2fffa(wow64) 154100x8000000000000000255324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.425{ED6274ED-1034-61E8-770A-000000002302}4632C:\Program Files\Internet Explorer\iexplore.exe11.00.14393.2007 (rs1_release.171231-1800)Internet ExplorerInternet ExplorerMicrosoft CorporationIEXPLORE.EXE"C:\Program Files\Internet Explorer\iexplore.exe" https://cdn.discordapp.com/attachments/928503440139771947/930108637681184768/Tbopbh.jpgC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=DED3D744D46A5CE7965CE2B75B54958A,SHA256=70C9616C026266BB3A1213BCC50E3A9A24238703FB7745746628D11163905D2F,IMPHASH=9BB01C801600CEBDCA166D0534E98CE6{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe"C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe" --squirrel-firstrun 10341000x8000000000000000255323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.425{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-1034-61E8-770A-000000002302}4632C:\Program Files\Internet Explorer\iexplore.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.306{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1034-61E8-760A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.296{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1034-61E8-760A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.297{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.296{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.296{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.296{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.296{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1034-61E8-760A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.295{ED6274ED-1034-61E8-760A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000255314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.268{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9D063AD3A0BAA0A19D24461FCDA411BB,SHA256=3E29D71C8DBB10B1150713C7E8A834827B882537C7EE5B70367B8458A662F1DB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178910Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:53.806{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D1AFA43A98050618C36CF6C09D8B0304,SHA256=968B08D7801DA54618412EE512DB73103AFFF134D500399FE94C140EFC8D4D24,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.949{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.949{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.934{ED6274ED-1034-61E8-780A-000000002302}76368164C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SYSTEM32\iertutil.dll+1bad58(wow64)|C:\Windows\SYSTEM32\iertutil.dll+1bad0f(wow64)|C:\Windows\SYSTEM32\iertutil.dll+1bacb6(wow64)|C:\Windows\SYSTEM32\IEFRAME.dll+3a817e(wow64)|C:\Windows\SYSTEM32\IEFRAME.dll+1af03e(wow64)|C:\Windows\SYSTEM32\IEFRAME.dll+1aef8b(wow64)|C:\Program Files (x86)\Internet Explorer\IEShims.dll+3fc44(wow64)|C:\Windows\SYSTEM32\urlmon.dll+10c000(wow64)|C:\Windows\SYSTEM32\urlmon.dll+77c4a(wow64)|C:\Windows\SYSTEM32\urlmon.dll+783e8(wow64)|C:\Windows\SYSTEM32\urlmon.dll+784ec(wow64)|C:\Windows\SYSTEM32\MSHTML.dll+52e649(wow64)|C:\Windows\SYSTEM32\MSHTML.dll+3dcbf0(wow64)|C:\Windows\SYSTEM32\MSHTML.dll+43ca27(wow64) 23542300x8000000000000000255378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.790{ED6274ED-1034-61E8-780A-000000002302}7636ATTACKRANGE\AdministratorC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE\9FTV1S3I\ErrorPageTemplate[1]MD5=D41D8CD98F00B204E9800998ECF8427E,SHA256=E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.784{ED6274ED-1034-61E8-780A-000000002302}7636ATTACKRANGE\AdministratorC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE\GMA70XA3\http_403[1]MD5=D41D8CD98F00B204E9800998ECF8427E,SHA256=E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.551{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.549{ED6274ED-C83B-61E7-B000-000000002302}43164388C:\Windows\system32\taskhostw.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\MSCTF.dll+af11|C:\Windows\System32\MSCTF.dll+b489|C:\Windows\System32\MSCTF.dll+be73|C:\Windows\System32\MSCTF.dll+3d812|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.539{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.539{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.534{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.533{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.492{ED6274ED-0D99-61E8-050A-000000002302}77647064C:\Program Files\Internet Explorer\iexplore.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\shcore.dll+64c8|C:\Windows\System32\shcore.dll+6497|C:\Windows\System32\shcore.dll+6387|C:\Windows\System32\shcore.dll+62fd|C:\Windows\System32\shcore.dll+620a|C:\Windows\system32\explorerframe.dll+154e|C:\Windows\SYSTEM32\IEFRAME.dll+c50ca|C:\Windows\SYSTEM32\IEFRAME.dll+4bcaa|C:\Windows\SYSTEM32\IEFRAME.dll+4d1d9|C:\Windows\SYSTEM32\IEFRAME.dll+4ea32|C:\Windows\SYSTEM32\IEFRAME.dll+4aa18|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11b2c|C:\Windows\SYSTEM32\iertutil.dll+32c3d|C:\Windows\SYSTEM32\IEFRAME.dll+5539b|C:\Windows\SYSTEM32\IEFRAME.dll+f1b6f|C:\Windows\SYSTEM32\IEFRAME.dll+f2bc8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.491{ED6274ED-0D99-61E8-050A-000000002302}77647064C:\Program Files\Internet Explorer\iexplore.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\shcore.dll+64c8|C:\Windows\System32\shcore.dll+6482|C:\Windows\System32\shcore.dll+617d|C:\Windows\System32\shcore.dll+5e3d|C:\Windows\System32\shcore.dll+5dcf|C:\Windows\System32\shcore.dll+5cd4|C:\Windows\system32\explorerframe.dll+1501|C:\Windows\SYSTEM32\IEFRAME.dll+c50ca|C:\Windows\SYSTEM32\IEFRAME.dll+4bcaa|C:\Windows\SYSTEM32\IEFRAME.dll+4d1d9|C:\Windows\SYSTEM32\IEFRAME.dll+4ea32|C:\Windows\SYSTEM32\IEFRAME.dll+4aa18|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11b2c|C:\Windows\SYSTEM32\iertutil.dll+32c3d|C:\Windows\SYSTEM32\IEFRAME.dll+5539b|C:\Windows\SYSTEM32\IEFRAME.dll+f1b6f|C:\Windows\SYSTEM32\IEFRAME.dll+f2bc8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.491{ED6274ED-0D99-61E8-050A-000000002302}77647064C:\Program Files\Internet Explorer\iexplore.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\shcore.dll+64c8|C:\Windows\System32\shcore.dll+6154|C:\Windows\System32\shcore.dll+5e3d|C:\Windows\System32\shcore.dll+5dcf|C:\Windows\System32\shcore.dll+5cd4|C:\Windows\system32\explorerframe.dll+1501|C:\Windows\SYSTEM32\IEFRAME.dll+c50ca|C:\Windows\SYSTEM32\IEFRAME.dll+4bcaa|C:\Windows\SYSTEM32\IEFRAME.dll+4d1d9|C:\Windows\SYSTEM32\IEFRAME.dll+4ea32|C:\Windows\SYSTEM32\IEFRAME.dll+4aa18|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11b2c|C:\Windows\SYSTEM32\iertutil.dll+32c3d|C:\Windows\SYSTEM32\IEFRAME.dll+5539b|C:\Windows\SYSTEM32\IEFRAME.dll+f1b6f|C:\Windows\SYSTEM32\IEFRAME.dll+f2bc8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000255367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.406{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=56C18037591AF6E44A8A1F7A19FA2E9B,SHA256=84008E4E64D6AFBC183E4BDBF892175B50EF823E11EF88C2770652076967DFDF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.403{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=31D75730E6830B550C82B16D2A8F5CB5,SHA256=8B7110AF035ECCB6CAFCDDEBB8B084619075B1E3C6E89A21CCF334833BC8EEBB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.399{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.332{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.316{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.315{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000255361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:51.221{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60331-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000178909Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:52.192{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53354-false10.0.1.12-8000- 23542300x8000000000000000178908Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:53.041{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.165{ED6274ED-1034-61E8-790A-000000002302}77044364C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.103{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.103{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178912Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:54.822{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2EEEF20053D8CCCCA9AD01A0A4A5B52F,SHA256=F16E9A842E16AFC9F3D72617DF0D3EF52E3DDFC1474D3E9BF735D20997240B4B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.776{ED6274ED-1036-61E8-7A0A-000000002302}48767692C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 22542200x8000000000000000255397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.521{ED6274ED-1034-61E8-780A-000000002302}7636cdn.discordapp.com0::ffff:162.159.133.233;::ffff:162.159.134.233;::ffff:162.159.135.233;::ffff:162.159.130.233;::ffff:162.159.129.233;C:\Program Files (x86)\Internet Explorer\iexplore.exe 22542200x8000000000000000255396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.639{ED6274ED-0D99-61E8-050A-000000002302}7764cdn.discordapp.com0::ffff:162.159.133.233;::ffff:162.159.134.233;::ffff:162.159.135.233;::ffff:162.159.130.233;::ffff:162.159.129.233;C:\Program Files\Internet Explorer\iexplore.exe 354300x8000000000000000255395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.464{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60332-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000255394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.464{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60332-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 10341000x8000000000000000255393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.438{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1036-61E8-7A0A-000000002302}4876C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.438{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.438{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.438{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.438{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.438{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1036-61E8-7A0A-000000002302}4876C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.438{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1036-61E8-7A0A-000000002302}4876C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.441{ED6274ED-1036-61E8-7A0A-000000002302}4876C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000255385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.407{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=FF0B94A40368DBF3A5A8050058EB8F75,SHA256=38364E6F92812BB2CB23878710AFBE4A9FD70409BE9621D507A45A808B97A091,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:54.290{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8603CCCE5E26FBF24A0C6C8174786D78,SHA256=B21C1D38E12826DD2304E8DC279191A01C44481775AA21D1AAAF4749156B1B49,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000255383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:52.700{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64537- 354300x8000000000000000178911Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:52.958{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53355-false10.0.1.12-8089- 10341000x8000000000000000255382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.990{ED6274ED-C83C-61E7-B500-000000002302}47004788C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178913Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:55.853{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F5AAFD91298C63DF42F8A9BEADF1F90B,SHA256=FE598C4EC8EDDD33DF5F5628539AB2BCC3BFDE4EBDEF7F309D104C72A6F32B63,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.991{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A8F2EB76BA4C972A0E58CE762B1CBDB0,SHA256=C53E164523167819819D317E07F2E8A23BD0529E560CF5721B904F0A725AF2D9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.975{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.974{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D94-61E8-FF09-000000002302}5304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.973{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.973{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.972{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.972{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.971{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.971{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.970{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000255594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.970{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=17E2C57796807145A860F1F7C2DBB883,SHA256=3956A31CE0CCA3A2D0377BF01BADE518A26F37CC657EEAD23A70D9C387A23C7E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.970{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.969{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.969{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.968{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C838-61E7-A900-000000002302}3024C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.953{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2E00-000000002302}2420C:\Windows\system32\wbem\unsecapp.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.937{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0F00-000000002302}1016C:\Windows\system32\dwm.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 10341000x8000000000000000255538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.922{ED6274ED-1037-61E8-7B0A-000000002302}77363644C:\Windows\system32\wbem\wmiprvse.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\cimwin32.dll+6fb3|C:\Windows\system32\wbem\cimwin32.dll+7471|C:\Windows\SYSTEM32\framedynos.dll+5899|C:\Windows\SYSTEM32\framedynos.dll+adc4|C:\Windows\system32\wbem\wmiprvse.exe+a731|C:\Windows\system32\wbem\wmiprvse.exe+a344|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\combase.dll+12d0|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+397f8|C:\Windows\System32\combase.dll+3757d|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c 23542300x8000000000000000255537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.906{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=86E25C2317354A81BDE82D351DDE9049,SHA256=BD9401363A15549E8EA17467784DF9B92C2069201E59E11E6C64117BBA968D1C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.906{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-1037-61E8-7B0A-000000002302}7736C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.906{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-1037-61E8-7B0A-000000002302}7736C:\Windows\system32\wbem\wmiprvse.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.906{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-1037-61E8-7B0A-000000002302}7736C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.853{ED6274ED-C6F3-61E7-1600-000000002302}12166588C:\Windows\system32\svchost.exe{ED6274ED-1037-61E8-7B0A-000000002302}7736C:\Windows\system32\wbem\wmiprvse.exe0x101541C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\wbem\wmiprvsd.dll+20fee|C:\Windows\system32\wbem\wmiprvsd.dll+43f7|C:\Windows\system32\wbem\wmiprvsd.dll+15538|C:\Windows\system32\wbem\wmiprvsd.dll+1498a|C:\Windows\system32\wbem\wmiprvsd.dll+146e6|C:\Windows\system32\wbem\wmiprvsd.dll+140fe|C:\Windows\system32\wbem\wbemcore.dll+b920|C:\Windows\system32\wbem\wbemcore.dll+255ff|C:\Windows\system32\wbem\wbemcore.dll+24a9a|C:\Windows\system32\wbem\wbemcore.dll+2485e|C:\Windows\system32\wbem\wbemcore.dll+2685b|C:\Windows\system32\wbem\wbemcore.dll+22b78|C:\Windows\system32\wbem\wbemcore.dll+22a19|C:\Windows\system32\wbem\wbemcore.dll+21f5a|C:\Windows\system32\wbem\wbemcore.dll+22711|C:\Windows\system32\wbem\wbemcore.dll+2d78c|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.822{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-1037-61E8-7B0A-000000002302}7736C:\Windows\system32\wbem\wmiprvse.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.790{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1037-61E8-7B0A-000000002302}7736C:\Windows\system32\wbem\wmiprvse.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.790{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-1037-61E8-7B0A-000000002302}7736C:\Windows\system32\wbem\wmiprvse.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|c:\windows\system32\rpcss.dll+366d9|c:\windows\system32\rpcss.dll+3bec2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.790{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f86b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.790{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f71b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.790{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+1b8ad|C:\Windows\system32\lsasrv.dll+2878b|C:\Windows\SYSTEM32\SspiSrv.dll+1467|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+316f1(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.773{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.753{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.454{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=179213EA751DFED158417C3A90FD1E47,SHA256=C4BC2E956F98BEAEEB0A3A01699E9E6E2F72A585A67263F90612053781B38A35,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000255401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.593{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\iexplore.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60333-false162.159.133.233-443https 354300x8000000000000000255400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:53.593{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\iexplore.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60334-false162.159.133.233-443https 23542300x8000000000000000255399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:55.291{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=959D5039E5810BA40FBA550FD4AA81A9,SHA256=FF6D934F62B4B72CB71612D3DA93649B971BD22ADF931F14CDBCA6E752DFBF39,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178914Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:56.869{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9B87A8A8775EB343408551D0693A9D94,SHA256=E50582F9A1CAA2C31A6FF09C7AF54D4D9496D29251A95DDCCF82798DEFC72778,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:56.791{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=B89EC798E5075E4DCAED1C4876629DCE,SHA256=6BE9519FA9E2BDC614BC478C5CF0207178B264742352C8DA420C82AB48B4F719,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:56.307{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=44373FF3FABD96EABAAF192C047D92DD,SHA256=748FEB99F935B32F06A23E2059CD50DEC1334ED43020F7A99AD2BD85242C5992,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178915Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:57.901{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3834E63BEA62E29BC01E864FEE1DE6D8,SHA256=DD93CDA880818E0FB2408B6D406DC0C8989C3C2DFC4434EFCAAF767AE4B12671,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.575{ED6274ED-1034-61E8-780A-000000002302}7636ATTACKRANGE\AdministratorC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE\E05NNXXK\background_gradient[1]MD5=D41D8CD98F00B204E9800998ECF8427E,SHA256=E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.575{ED6274ED-C6F3-61E7-1200-000000002302}4201568C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x40C:\Windows\SYSTEM32\ntdll.dll+a6cd4|c:\windows\system32\fntcache.dll+17a6f|c:\windows\system32\fntcache.dll+1a637|c:\windows\system32\fntcache.dll+1aa6c|c:\windows\system32\fntcache.dll+501de|c:\windows\system32\fntcache.dll+4fee2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.575{ED6274ED-C6F3-61E7-1200-000000002302}4201568C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x40C:\Windows\SYSTEM32\ntdll.dll+a6cd4|c:\windows\system32\fntcache.dll+17a6f|c:\windows\system32\fntcache.dll+1a637|c:\windows\system32\fntcache.dll+1aa6c|c:\windows\system32\fntcache.dll+501de|c:\windows\system32\fntcache.dll+4fee2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.573{ED6274ED-C6F3-61E7-1200-000000002302}4201568C:\Windows\system32\svchost.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x40C:\Windows\SYSTEM32\ntdll.dll+a6cd4|c:\windows\system32\fntcache.dll+17a6f|c:\windows\system32\fntcache.dll+1a637|c:\windows\system32\fntcache.dll+1aa6c|c:\windows\system32\fntcache.dll+501de|c:\windows\system32\fntcache.dll+4fee2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000255629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.572{ED6274ED-1034-61E8-780A-000000002302}7636ATTACKRANGE\AdministratorC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE\9FTV1S3I\down[1]MD5=D41D8CD98F00B204E9800998ECF8427E,SHA256=E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.553{ED6274ED-1034-61E8-780A-000000002302}7636ATTACKRANGE\AdministratorC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE\GMA70XA3\bullet[1]MD5=D41D8CD98F00B204E9800998ECF8427E,SHA256=E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.553{ED6274ED-1034-61E8-780A-000000002302}7636ATTACKRANGE\AdministratorC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE\E05NNXXK\info_48[1]MD5=D41D8CD98F00B204E9800998ECF8427E,SHA256=E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.538{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1039-61E8-7C0A-000000002302}7600C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.538{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.538{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.538{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.538{ED6274ED-C6F2-61E7-0C00-000000002302}8445100C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.538{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-1039-61E8-7C0A-000000002302}7600C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000255620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.538{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1039-61E8-7C0A-000000002302}7600C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000255619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.539{ED6274ED-1039-61E8-7C0A-000000002302}7600C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000255618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.522{ED6274ED-C83C-61E7-B500-000000002302}47004788C:\Windows\Explorer.EXE{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.391{ED6274ED-C83C-61E7-B500-000000002302}47004788C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.391{ED6274ED-C83C-61E7-B500-000000002302}47004788C:\Windows\Explorer.EXE{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000255615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.322{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=159E296B0A0D2ECBD79C7B15BB7D756D,SHA256=D1EA6EA8A9E3F3381EE448716606582AF83C2F44D40BA0D1AF9B00DCC5DC67AD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.207{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178917Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:58.916{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=403C22353B7441F3D2C46737A43B35C4,SHA256=2EF35127B828A7D48A0CA31B62F78AD670A09C3C0E89551F9EBAF4F3B8F67E54,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:58.553{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=ED21564659B3F26D7C02F4CC7E6D3BF3,SHA256=8C4399D2EE4FF260DCF81ACDE6893B7F6B5A86B23E4A9D49DCB5770B256BDE03,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000255636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:57.188{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60336-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 354300x8000000000000000255635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:56.256{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60335-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000255634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:58.374{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2AEA5CF1C10D8BC35AF527AE1F8F97AC,SHA256=EC648E7B437453B3C433B642A97715355AC6692212147B777AB13917728EFC81,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178916Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:58.669{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-304MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178919Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:59.930{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9F7C8BA8AB10E674A0DA35E0E0E003B4,SHA256=61C9F3762BE77A98287F8D7F4F5B9478435EDC3F648E7220DC39AD5F8C20A46C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:20:59.390{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=14917EA88CAD32C2BE6335C2704FCF5C,SHA256=FBC5606F96D9BE874992E91FE41ACF67D6F0CED981D74F76E329112F00BEF872,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178918Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:59.682{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-305MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178921Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:00.932{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8352C7AC8A1C43FE523FCFFE1FB2ECEA,SHA256=4303E030C263E4ADA4F5B3EBF513AA07DF49676DD584BB628CD8D8225EC71B94,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000178920Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:20:58.099{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53356-false10.0.1.12-8000- 10341000x8000000000000000255749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.788{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000255669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.773{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4D1C9CDE171D97F296367FDA4CFEEA8D,SHA256=6FCCD573A9A20B225FA392E271E5BAFF9CE41C78010C5EF7290E4944471DD6EF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1034-61E8-780A-000000002302}7636C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:00.405{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=63C374B177D5641CAC832971233A9694,SHA256=C21D3085D6F87079E9B716C97229714C27394ECC9386B29034C094CD3EA238D5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178922Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:01.948{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A4F3873C85E923A1CAD5689B0EC22FB9,SHA256=8A9CB88E3744F7F767B9347FB3354A0FA83C9942DC47331B5535A2FFF94A5726,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:01.974{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000255762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:01.974{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000255761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:01.473{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A99BE93F4240084599C55DD0FEF25D72,SHA256=1EAEBCA76576BD04571F7B129558DE5835D5851F7D5BE8BA9D19C704A3D9F133,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:01.035{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6F145F60E7D1B15CDB9C14A869FA5526,SHA256=A8EEE21E3BA9FA8992530DA26EC83122383307034D3CEBEA426323BA4EC6E692,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178923Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:02.963{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3D1CA9F6092021D19B36511AC17549C9,SHA256=93BAFDF6C58EC5DD8FAD0DC15CE8B3BF86F2F3E42E604053D64501EBFBE542BE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:02.485{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=362E573B1E272384405F9DCE6D0C63F3,SHA256=DAFD6C96136B9A74B83925F6683F5B6B12E0BDD9FBA2FCFA57016EF82D581641,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:02.340{ED6274ED-0D99-61E8-050A-000000002302}7764ATTACKRANGE\AdministratorC:\Program Files\Internet Explorer\iexplore.exeC:\Users\ADMINI~1\AppData\Local\Temp\2\~DF341701043B659D57.TMPMD5=9D98AC82CADDC6BB3F541224F7D35CBA,SHA256=E29AE0CCC86F82C4BFFA5A4C51C80C16350E3D724C01339D978AD3F8AE6CD27A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:02.145{ED6274ED-0D99-61E8-050A-000000002302}7764ATTACKRANGE\AdministratorC:\Program Files\Internet Explorer\iexplore.exeC:\Users\ADMINI~1\AppData\Local\Temp\2\~DF8E2AEF26A225D373.TMPMD5=4FC55FA83DC7CCBDCC52B8A794AE2B00,SHA256=A377E3D2726974F188233357759D9BA67F1D2C74B832927D98081BF0A0AE2901,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:02.144{ED6274ED-0D99-61E8-050A-000000002302}7764ATTACKRANGE\AdministratorC:\Program Files\Internet Explorer\iexplore.exeC:\Users\ADMINI~1\AppData\Local\Temp\2\~DF2A155D8C85728E72.TMPMD5=B6A65833CD2A680A4DF1CC08DFE16FB2,SHA256=2747E009755C32E302DF9A653AB613775E0A8BD614585C9947B5B19B7C0A62EF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:02.114{ED6274ED-0D99-61E8-050A-000000002302}7764ATTACKRANGE\AdministratorC:\Program Files\Internet Explorer\iexplore.exeC:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{120972E8-7929-11EC-AB5B-02161777D036}.datMD5=C854205AAB1767FBB36EDE8E11D0CA9E,SHA256=098581C29287ECCCFB0720AA23D6D1F487EC837F73E8252B859DD875F9065512,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:02.012{ED6274ED-C83C-61E7-B500-000000002302}47004788C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000178924Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:03.979{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=875784165E5AD73367B23997CAE56582,SHA256=48E44BEF3F36296A6ED3DCD549ABC19B77F14D75805213B802E317F72C51D689,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000255771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:02.135{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60337-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000255770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:03.492{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1588857D9259DD4B989CD2AF47D15414,SHA256=41CEB58B111F5E3A28FFFA4FE3CFE19A23CA291DC96C8C464E6EA5DE1FF51129,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178925Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:04.995{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=035B5E5516AA22B35FED524369124E83,SHA256=A78565058932360EA94E0D870B02ACEFD766D14A9C53BE2B5BEA504035742F1F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:04.497{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=74F96C403B7A8DBCC4E739B45FDB60B2,SHA256=F26AEDC9607B3440B4BEA027284E89FDF775C13C74FF37736B071D27F574E293,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.857{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EDF5B6A491F811A8305E56E34DF08885,SHA256=9436117CB1053E4DF8AC57CE22350FBAF1135F03C097236C4A331D45BE733CCC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000178926Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:03.960{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53357-false10.0.1.12-8000- 10341000x8000000000000000255883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.792{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.790{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.789{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.787{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.786{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.785{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.784{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000255811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=14818AFF6ADFB65640A8A2A6858781BB,SHA256=B4B7686980E2B9138032507399E3DBF2EEC16A39A5E5F81CC9BB5E4EECB6F8BE,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.783{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.781{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.780{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.768{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.767{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:05.507{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=59C8EAB14123819564DE95EBE6B19007,SHA256=01DD3DE0FA348D8FC05871B108617DEE7DDCC7FF740A0E9A681A50509757B77B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:06.537{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=92FF37227C28AC9079568977B9A331BC,SHA256=F60EE366D1F422A5F8578F02E778FE3EB32D4442C5F66E3D465291BA8164F721,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178927Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:06.010{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0E1C4319DFE048C840B7CBCBB6CFF48,SHA256=416DBCB1A7E17013724CCE892510761E9A024DE1340C008336C2D06297BB7872,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:07.547{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B35C4E2B8D67206761DBD6897E46FAFF,SHA256=A27D52A16C3364EC2868451EF7DB9418D1DFE1240583E0E5D120972CD0104541,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178928Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:07.026{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=30E5BE3C6220FB4142A6FCA786941453,SHA256=AA5F2B9B9D8DC45DEAC451B6BB9C09065D38DBDAF06BA1E15A4E9096B3C2FE7C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:08.943{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=9A54D7954754E14B87A57280A5C60806,SHA256=F4731519F91F76D103C5A5F2DCC2257EB442BC669D39115AD80BBDB1619E0C02,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:08.550{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F1EDFE24916BBC4F5D502AC79D385382,SHA256=1066A16DAE07220892BD77CF77CE0007C29E0CBA41C2AE4A895B15DF49723403,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178929Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:08.042{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=215F747E4A9CC04E9ECEEAE5546A158B,SHA256=0B699E890BCFCD2D37DF7A16F29085B5AA86BC425070CC2B32D1924286A707C5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000255894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:09.556{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9073B81933725EA1B0868A5B7B25526F,SHA256=94235454F851A8D8DE1C2FC58571AB2450906EBCC9CEB096E45EBE726F0A0D59,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000255893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:08.080{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60338-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000178930Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:09.073{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=10102925BF29EC2EBB410A4F58644AA9,SHA256=4625722391DA6DDD80ED3AD601146417C64B5E2853CDCA174176480598CC11BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.971{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=97C66D50D6972E9AF5BE2E5D022CD5A7,SHA256=513D4376A267AEBF6604697EFEEB22AFFF3CBA8743F25444B5D006F7ACD4AB66,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000178932Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:09.162{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53358-false10.0.1.12-8000- 23542300x8000000000000000178931Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:10.120{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ACF250D916F21DF5DD740FB1B0BDB36F,SHA256=923F40E91BEAA6464A97110A65BC981F334C97066360D9C4044005CD9B6B7B2B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.809{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ECFBA69B736EDA4AA9EB8AAE0A938CDF,SHA256=6238B4BB02139E780021809691B96D9192FCA09D607E145435BEE360EB90BA08,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000255972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.808{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000255947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.807{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.806{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.805{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.804{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.803{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000255921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.796{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.794{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.793{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.793{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.793{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.793{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.793{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000255896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.793{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000255895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:10.557{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=99B48843584D461329F0A90FB41086C9,SHA256=C83E49A3ECE12D79B35BEF6FF34C0BA4F3635BE73CD4A6D20574A6DDA86F4C59,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:11.563{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B79EB71D8427A16E37ADB8BAEFBBDEE3,SHA256=AC7294D74198ABDDBEA889E412C9EB8BE41493261D41228226BEAEEAA2F404C7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178933Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:11.120{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=16C70D768130064CFE4B10EE0E7D277B,SHA256=64B2B26A85681976462A8D8A173270440946737FCF5B00200E4CBF45517EA723,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:12.611{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5029953AFA1362CC538D8720CF32A3C5,SHA256=5B3323D97E071D6462CF882577DD03A039A5C608C4B26DCFC5A283396A7BB4C2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178934Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:12.135{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=274E5A92D3E3A4310523025DCE9874AE,SHA256=F70E802A2AF8603E3E4B7EF2F3DB043C7C79A2527C186C7D7DE20C88A9B38188,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:13.622{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=66336EAAE240325BB34E2FFB38017E87,SHA256=D5679B089BB555778B8555D2AD78C4031811BBAC4F94AE07D0B73C2F20A57463,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178936Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:13.963{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=DA5DF11273A8C10E038139FDE37F7A76,SHA256=E54746CA397E0F700E7BA6F44FADA47060936795C3F1E1574D869EC708EF2D4E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178935Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:13.323{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=13E06362D6D5D5FB0327C24CF2762772,SHA256=85C8FDB03781167E2FD56CEE0C12A31D2A4E3E2DBA7852D6CB477BF02D5B7BE1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:14.631{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F35BAA0FA412B2F2FD7ECBEFEE78535D,SHA256=AD6F811B82A2695BFAFDE6D63E0CD482D941C6C7E8126341383F7C68C2F59C23,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178947Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:14.354{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8E9E11BD5244229CA4B062D8CA5FF3E,SHA256=4FCA17CA790E2099BA9FF585CE4374E9AB5E734C88B77AC6D2862E310FF49A4B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000256014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:13.139{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60339-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 13241300x8000000000000000178946Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000178945Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x011ead67) 13241300x8000000000000000178944Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2f-0x0cc7f3ef) 13241300x8000000000000000178943Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d37-0x6e8c5bef) 13241300x8000000000000000178942Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d3f-0xd050c3ef) 13241300x8000000000000000178941Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000178940Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x011ead67) 13241300x8000000000000000178939Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2f-0x0cc7f3ef) 13241300x8000000000000000178938Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d37-0x6e8c5bef) 13241300x8000000000000000178937Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:14.026{F0653C0F-C6EA-61E7-0B00-000000002402}636C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d3f-0xd050c3ef) 10341000x8000000000000000256129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000178948Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:15.385{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=626FB533AF2BD45CE10D6E8E29FB9B64,SHA256=F2642F56A1CDBAE7108460E6D64812BBE35804718E0AA6B3443B8CD99DFE1C48,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.830{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.829{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.828{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.827{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.826{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.825{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.823{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.822{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.821{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.814{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.813{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.812{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.811{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:15.641{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=162C57DA2BE911D251A6C69F019C28EC,SHA256=F6C8891B6A5BA4B89D16C7E3F4E885A3FD35A20F1B4B94F005A3D49C54941B50,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:16.650{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D7A3E72150F4DBF931996B711CCDE61F,SHA256=9B95D8EC45BB948597BD0B358933AF83A2500E548DE3DBF5C7F8B8A00BE75B25,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178949Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:16.401{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DB00D7F55A34B1560EBDCE73402CBA30,SHA256=9906B2F3A0DBB6557FA855FDD04A056EF914C70505F3899EDD77EB3AA89FFF66,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:16.077{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=405C083B7928F2A520D00637C9B2FCE0,SHA256=40349BB85C2C4EF17499B26438D5525AC61A6A7323AB4801284FE083FC728A60,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:17.656{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5AEBF4FAFFC3E80298C9D181C552A9DB,SHA256=11AAFE33D47E4144E1FD411E95E66DB93F22B49B8986F2508EF14D5835B23D27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178951Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:17.448{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=133CD2C127BA110F4851256E56974266,SHA256=07545499EB6DEAEB60CC3E07009D1E5F3D5E5C67B7E75CA55FC58A5357E9FB5C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000178950Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:15.068{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53359-false10.0.1.12-8000- 23542300x8000000000000000256133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:18.672{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0963C313C344D35E59EE4B9FF6DC48D,SHA256=C698248201D302E6EE09AEFF9F908B09DCA02C0928FB080B2FC127DD001B833B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178952Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:18.479{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EC2EBD1BA0D631F4BB944023652DA4E7,SHA256=F57006C0FD50B06FE5B4984DB2037AAED99349C2B1E4FFA1B431599803C28F5D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:19.676{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A4FC20E8470AB0956EC28EE005422ED9,SHA256=5E6841947764007BEA9BCC9B7865F149D24B24F34427F0EA53A46193165573F9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178953Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:19.573{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=38C396503B595A263EDC2D0F058389FF,SHA256=9C69E18D9E01F73F722DE9EA47EFA934AC312AD84DD959F270F99D9DE4980302,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178954Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:20.635{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F51B67AD5AE058D72CCB2FDD6D76DA50,SHA256=FA77CDE2D1939BD5C800F7A001D21864FA842842D349E8F9C172ED084AEA8907,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.853{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.852{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.851{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.851{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.851{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.851{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.851{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.851{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FA5723324CDFF074E12F11E3FD3EEB07,SHA256=6113409E6455B400302F293F7BFA3C8D1A7F786BD1860FF4A7B4A1EC32E7767E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.850{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.849{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.847{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.846{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.846{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.846{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.846{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.846{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.846{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.846{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.845{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.845{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.845{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.845{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.845{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.845{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.844{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.844{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.844{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.837{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.837{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.836{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.835{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.834{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.833{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.832{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:20.686{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=77DF4B4F1C461A72BE133C5E4BE9BE45,SHA256=4AF8168D531F6673067B25F920F5CCC28A333920E6FF8B85F5E79A45A26F45AE,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000256135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:19.112{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60340-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000178955Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:21.651{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FDC7789B42E38E34F868E1AD251F523C,SHA256=811A9DB5DDD49607D90C7014BA2612DC7B049A087C7EF85EEAAC11D62F39E60D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:21.699{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=85204ED1EAB6F08532B3B9BA1D4D852D,SHA256=AEA32B75A61018FBFA816D68E2A594CE5C3DC0A43F9DBA69EE40DAC7D937642D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:21.179{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=84FCB940171B08F1B821945CF94BB022,SHA256=4FE9A8AA6FFEEEF2B3C875D6747DEDCDDB6B6683D0D5CD4BFD566196EEACF183,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:22.704{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CDF5CC3648B36403DF03F8659A84A932,SHA256=82F2DC911EDD801D87B3099D623B8065760AD81E9EC09A813618FD304B16F555,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178983Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1052-61E8-2109-000000002402}1888C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178982Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178981Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178980Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178979Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178978Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178977Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178976Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178975Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178974Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178973Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-1052-61E8-2109-000000002402}1888C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178972Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.963{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1052-61E8-2109-000000002402}1888C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178971Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.964{F0653C0F-1052-61E8-2109-000000002402}1888C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178970Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.667{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=98BDFA7A5F7871262FDB2C256669B044,SHA256=75A878360D7D12D2FE98CB7883957584C7BF6636CF2C15CE37435D633BC4AA29,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178969Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.620{F0653C0F-1052-61E8-2009-000000002402}17641916C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178968Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1052-61E8-2009-000000002402}1764C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178967Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178966Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178965Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178964Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178963Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178962Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178961Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178960Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178959Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178958Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1052-61E8-2009-000000002402}1764C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178957Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.292{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1052-61E8-2009-000000002402}1764C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178956Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:22.293{F0653C0F-1052-61E8-2009-000000002402}1764C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000256253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:22.067{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=2F9D28008281AF4EAF969056D304B2C0,SHA256=D1BA4FD96CFE794D5CC5702622915C7417E9B6B9FA7FAB115A6BA14112917228,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179000Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:21.005{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53360-false10.0.1.12-8000- 23542300x8000000000000000178999Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.698{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D36E76695BE81AB0ADE2A7CADE3112DB,SHA256=EC6688ED9F464E02FF8D3AC09B6F55C784EC6C86239BCB71A45B7048B6DBBCED,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:23.709{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9F1D6A277597D64B6F1F6BA1398420B1,SHA256=38D312C60E8AEC9DA9EF333960C23DCAD016D5C5EF48FB54D8D86CF74F3FA187,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000178998Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1053-61E8-2209-000000002402}1880C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178997Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178996Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178995Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178994Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178993Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178992Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178991Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178990Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178989Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000178988Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1053-61E8-2209-000000002402}1880C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000178987Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.635{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1053-61E8-2209-000000002402}1880C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000178986Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.636{F0653C0F-1053-61E8-2209-000000002402}1880C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000178985Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.510{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F6E6DAF4A994D9D95DBF176BB6764BF1,SHA256=B5448DB7303A6DDF5B62F3E5317054EE393F97A6915940D8E2CD6D40AF70FAB0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000178984Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:23.510{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=3EBC4D5AF865898293923C56B0D89137,SHA256=16B24C8E67D4BC60AD9EB3B9B8A2F23396EFD4979DAE68A0C13C3BD7A9C45C3D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179002Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:24.870{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F6E6DAF4A994D9D95DBF176BB6764BF1,SHA256=B5448DB7303A6DDF5B62F3E5317054EE393F97A6915940D8E2CD6D40AF70FAB0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179001Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:24.713{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6F36C12DB6D8DD0FC6188DA87C4355AD,SHA256=3DEA08CEB784FC3C3CE27AE53BB7FCA44D2A78C12ACC6E8CDEF871141AD86560,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:24.721{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6A54C2FA956AB2F49D9C075F730E4F38,SHA256=0E5814B8C2E962993E65FD93D121E031C82E527AA5AA470156EABCB047C575F2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179003Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:25.807{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=667524DDC50F6F0C274C2E2596D0829F,SHA256=981D3185C79124386D02EBD3F589B39C614D9972921D6712C13A1326ED8272C1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.950{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=118ED9F6D6838705424B15F281488818,SHA256=9FB0CA5C04B6D9B16C11AAF22BB7EF3754D8BEB872EFA121B7D67BA263592F93,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.874{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.873{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7195269502A11E17C01AC008F1A8E314,SHA256=6EF86C6825E0C89E8EB8E7655975AB3C22B43826F345F34BC593A6685EF0F4CC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.872{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.871{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.870{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.869{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.869{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.869{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.869{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.869{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.868{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.868{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.868{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.868{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.868{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.866{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.865{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.865{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.865{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.865{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.865{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.865{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.865{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.858{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.858{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.858{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.857{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.857{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.857{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.857{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.857{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.857{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.856{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.855{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.855{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.855{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.855{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.854{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.854{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.854{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.854{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.854{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:25.726{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=26ADE2C1AC563BE99B032C87499E7440,SHA256=030CBDA8152D1D5B40659918B74A3F2896B870BCE12778D061D2BE811F3DC62C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000256257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:24.116{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60341-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000256375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:26.734{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9195979E0766ABB9B913449F89608755,SHA256=F1684672438567514CEE8013FC72C0175B69092B69C8825C21AB6E065E58D5E9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179018Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.916{F0653C0F-1056-61E8-2309-000000002402}35361236C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179017Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.823{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4661798B5EB14BF8DACF0AD7E888F4A3,SHA256=4B26863A8C386C372148F178FA13E3F6E5DA3A2B6B0ED8C2F5B2CC4B3D140C11,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179016Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1056-61E8-2309-000000002402}3536C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179015Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179014Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179013Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179012Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179011Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179010Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179009Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179008Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179007Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179006Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1056-61E8-2309-000000002402}3536C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179005Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.682{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1056-61E8-2309-000000002402}3536C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179004Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.683{F0653C0F-1056-61E8-2309-000000002402}3536C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000256374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:26.229{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-304MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179047Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.855{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=98D349A7CE077F37A07D38E844978998,SHA256=57F185F7E85789B5F668891858C767802776A85FC00CD1C0C3DDE90EF477FE5F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:27.741{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CAA90AD718FCEFF9C9D135589B9D6724,SHA256=159F370E7BA09DB8D8C07E3868F9A5823F51B8087889BA7E1935DE15BD95F842,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:27.626{ED6274ED-0D99-61E8-050A-000000002302}7764ATTACKRANGE\AdministratorC:\Program Files\Internet Explorer\iexplore.exeC:\Users\Administrator\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-314712940\msapplication.xmlMD5=AF8AD9D91F4C914AE02C5B8BF948A1DA,SHA256=1C11E9C95395006826E7695C4F7F963C4ABD8D01FCC6C98E67916F114D4E2916,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:27.229{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-305MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179046Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1057-61E8-2509-000000002402}2716C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179045Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179044Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179043Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179042Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179041Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179040Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179039Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179038Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179037Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179036Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1057-61E8-2509-000000002402}2716C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179035Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.807{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1057-61E8-2509-000000002402}2716C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179034Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.808{F0653C0F-1057-61E8-2509-000000002402}2716C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179033Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.745{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=91E37B16B72BC3DC7AF9FF2594AE09C5,SHA256=E1440027C42A0258472B03DE1B6F19ABFDC8399B7F673A18664D03DB609CF81A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179032Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.354{F0653C0F-1057-61E8-2409-000000002402}524612C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179031Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1057-61E8-2409-000000002402}524C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179030Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179029Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179028Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179027Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179026Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179025Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-1057-61E8-2409-000000002402}524C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179024Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179023Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179022Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179021Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179020Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.182{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1057-61E8-2409-000000002402}524C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179019Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.183{F0653C0F-1057-61E8-2409-000000002402}524C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000256379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:28.748{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1B8F235EFF463B912EFEF9BD80619E5C,SHA256=BBE3F243FE31A7E79617924BAFBAB6444B56364BBC6E34D852F7AACF02F869E9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179056Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179055Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179054Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179053Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179052Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1058-61E8-2609-000000002402}3760C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179051Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1058-61E8-2609-000000002402}3760C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179050Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-1058-61E8-2609-000000002402}3760C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179049Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.870{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=2981AB2CFF68F6FD6460D70B12963246,SHA256=71CA8FB31AACA5B40D0EE42FBEAEB060D2EBB867FC4E71C2948398A49BF8DDF7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179048Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:27.995{F0653C0F-1057-61E8-2509-000000002402}27162592C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000256380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:29.759{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C548D5D6059CBF0367DC587D04FDBAEF,SHA256=9694B047003A11F76B83F2FB6FF74CCE9B31D5051849DC270427949718803DEB,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179064Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:26.114{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53361-false10.0.1.12-8000- 23542300x8000000000000000179063Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:29.088{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C2071C39439D81C9BE63648B1C8ED2B5,SHA256=938515BB2897CBAC8116BFB6AA129800432EDF22A853086527ECF930CA8BCDB7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179062Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1058-61E8-2609-000000002402}3760C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179061Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179060Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179059Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179058Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179057Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:28.995{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.893{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179066Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:30.120{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=15460304137B1C2ECAE63257CFD483E5,SHA256=50845C28740EF7A21FF0E295280922C1580FD8EDB7089918DB89700EAB5FF92E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179065Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:30.120{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=24327B9213F58041737BD47093ED96FF,SHA256=B7CBC034C828EC701E08936E939359AFC954B9F390A862FB496466613F240919,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.892{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.891{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.890{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=38543C7549827D1613E2F01067CDF145,SHA256=311CF71314755BE1DFE4751E985B4AF759C40F9531D5FE6C209A4D4EB64E14C4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.889{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.888{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.887{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.886{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.885{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.878{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.877{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.876{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.876{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.876{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.876{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.876{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.876{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.876{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.875{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:30.762{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A78DD6A2EE5F07D8360C0AEFEB9494E2,SHA256=F3CD4B9F7C84C400EE85A61EC1FA5C36AA3D93A620F583063D86DE44A24B6451,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000256381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:29.311{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60342-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000256498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:31.784{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5F7B698FBD92AA11F8FBD7BC4717DA78,SHA256=403458B7BE0F1048203010AFF728877B01CCE4613329DA5F1A6AAD783C290B0F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179067Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:31.260{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=04CF219C0D77A738757F47864CAAC108,SHA256=5DA08BDD7C0BFA802EAE241D9C0A718C89577810AD2C83465785FAA72337860E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:31.052{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7A7453188AF28BED3933C35FC5717FC8,SHA256=18EAC4A93F80F0BD96978BB721FA06659690B85FA7B43679434C32FBB18A3682,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:32.799{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=526D220CA838B84566A0FEE5DB569635,SHA256=39D3B6382DD5AC1143B6AE1A5EDB8766E6F3A706E0864317399A92113E6F7CA3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179068Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:32.276{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D9D9F0C7E04D73925F6D486097A037BC,SHA256=A1DA8EB22AB0783958D7BB61A9BE0B2BF0DE3A41F79511B91EA471432808E24F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:33.804{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C16900D87C184851DD56CDD807FAC422,SHA256=8C11E9A09ED3CC9D09447DC3299FE533608FE312B02FC8327B5173EC56E95261,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179069Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:33.291{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FA8D885EF79F401EF037A446AFD2EE7F,SHA256=58E3427C1878ED2A15A8C348A282AC6C95F95BF4B736F441D54CC9BB0A9C5838,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:34.825{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D3E25E84E72DFFB290C103188FF75E77,SHA256=7E2B91143465D12C83D4179A8D5A2D1E44F3C31C65F60DF085C300CE1C59345A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179071Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:32.083{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53362-false10.0.1.12-8000- 23542300x8000000000000000179070Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:34.338{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A5A6FD5D0D63EA40F9BE815FB8CA2690,SHA256=B55E92123EAF0591FBD3341E82B8B0CE96F5E4CF4F6A7669B8D0E48EB226FB19,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179072Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:35.354{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3144420D685BABB1939314BC085E4FA3,SHA256=4DEDD1880539813A8AF4056DD8DB0E235BBC5785127B2061BA3074BF599EECFB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.913{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.912{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.911{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=781AD0DB58570A6F0EFA3CE104E09027,SHA256=9083C6DA8351CF79E386574160EF465246230D66CF39F79ED79F7BF6D173611D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.910{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.909{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.908{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.907{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.906{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.906{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.906{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.906{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.906{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.906{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.906{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.905{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.905{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.905{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.894{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.828{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=65F228DC1732D6DFBEBE536F14AEC3B1,SHA256=F809505AD0254A246E505B5DAF601F8CC4FDDE4A9283078B0DA1474CC946992D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:36.842{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3FBDA470F7C2DBBFC342189972AF8DB9,SHA256=D88C8BA71B0A771380B5D82E45BB9EAA22CA67077D87E51CCD4D6F245D4F37AF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179073Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:36.370{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=04F5D2A695E0E40C60F3D8505949B3C1,SHA256=A6717DA621A6CDD62CE8EE25E4C6FD9AF1E30035FEFCD7D90C60C16AE65E9068,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:36.152{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=069016B18F8B78053963CEAB1D41289C,SHA256=B184E728F5CAB23B11A324DD28D9A0BB6BB94580D783DC1D023E605D85063367,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:37.849{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B4DF15740B6397D4C1789EB3874D168B,SHA256=9676A8EC989E8725010506C32D46CA22E2957B7791350035F4DC0A879C25B3E0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179074Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:37.385{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CB3B77E9CEFECFD65AC6825D02FCCF59,SHA256=15A28EB3CB720EDC0A9728E286979D5AD96B23D850035F870D078FC2FD9DEB33,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000256619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:35.286{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60343-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000256621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:38.852{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=60D73223DEEC8E14B91E915F56394E08,SHA256=F3AA9321D2E15CAAC7AD941FD986EF8E0FA48B845966F652B78371997F64190C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179075Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:38.401{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=34DC6643C45E4484F866C2B95331C3AF,SHA256=B04B954FDD13DDF1616EDCD157D583DB25D979F162AD9B2B99377C64FBA3B035,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:39.865{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6E68217497759D06CB086D1BCBC1F857,SHA256=B9EF250B05F38FAB220EFBB4ACA29FD97F583A39AE0F851EC3612E0B17C02D7E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179076Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:39.401{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=44E34C875F61FEA2244D7E15BF6DE151,SHA256=BBDF724B6DF9E7C5AA85590B46EE89B881123260FAE557C24F7797EF34368AC8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.949{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000179078Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:38.036{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53363-false10.0.1.12-8000- 23542300x8000000000000000179077Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:40.416{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EEFC8E0BB8D4ACFE98630099CF972173,SHA256=28CC8B4EE9AC120A3586A9BE7A02406934D41EE693684620F0C7A1D46CB1F269,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.948{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.947{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.946{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.943{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.941{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4DF07D8776D5D0B18591BE6AFB303C82,SHA256=0DEE719265E12B33903ED314221544C7461AB4DC98E211285C4B32603F80E97C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.940{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.939{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.938{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.936{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.935{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.934{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.933{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.924{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.924{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.924{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.923{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.923{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.923{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.923{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.919{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.918{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.916{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.915{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.914{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:40.886{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EFDCEF490EF69446E3DE951A9EF00427,SHA256=12B6B9AB7BE6D1A07D50C9CECA8FFA8401D549CCCA58396F1E6A2C0F8849E415,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:41.906{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A32509453CA13191B40E4C5A5C5CD73C,SHA256=F302964E0A3AB48884533373D90826F34F76C2FE0CA9DA966AF74EBD40742131,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179079Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:41.432{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C3F9975159AA936C66A6F6958D8A5F59,SHA256=D16416EDC0488D090A60933EF0DE7759CB9593E1F24CC1B9B9ACDADB853EC1FB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:41.259{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1110E2A6E941AB2C8423C698468CCCD8,SHA256=86901CD81675E2C4F2EA0E8338E488F4AA21AFC3435271525046B3144AEC2A45,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:42.914{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=51185D201970CA2BEE21A3D0DB909593,SHA256=CF97C48C4C8197C711666CD35C9A9F494A9A97E98C83A420C152FFD51E9300D2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179080Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:42.448{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=75BCF3E42BE382CD5F0F96595BED888F,SHA256=AEADB21304E85DA39B283375AA845A4478354AEA43628B86E2C79A1E2107DD68,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000256740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:41.273{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60344-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000256742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:43.918{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FC722CAA33BFB8893205799EF649480E,SHA256=52DEF229787C8B550CAACA6EE26AE54DB8B73911E582DDF660F613E678943DA2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179081Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:43.463{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5EE185203F170E5345D006E7DFE668E8,SHA256=B5F6A358E8A25E113B0B79312FF65E01F48E600714F2EE01ED126E8A6D6FA719,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:44.922{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=027BB57CF2A462A2C5BCB41EA126E930,SHA256=9BE3BBF2256ECCD7A6F89547DB21BDD379C0DB59F3F887751E0A1E5FC5329A71,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179082Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:44.480{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BC6028A90745988752857A69E20C4A2F,SHA256=9139E724DB86598A4D45A6A20E59D3D8719B929C57088B811CA6839496E52BED,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179084Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:45.495{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AF423B334D0B3784EC4F45126D5FC3BD,SHA256=AE318318C6A57AC42B7A90F4F6103D8073F4D880DA4C76844AAA32A5112ABC6B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.967{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.966{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.965{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=475E438BE44A32F673DB759C20209690,SHA256=B3FBF2B459DD06155B874BF6C5186A4158A08A3290A3F214CF7ABA074B92434A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.964{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.963{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.962{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.961{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.960{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.953{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.952{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.951{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.950{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:45.927{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9A86CC87D5D24D613E6357B70896FAF2,SHA256=0BA26C4B5DACCC080E0433FEFD761CD78465483C05465FA7F74640C87D34E2B1,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179083Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:43.146{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53364-false10.0.1.12-8000- 23542300x8000000000000000256860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:46.938{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=673C1072807766066E6E1F49B9514F75,SHA256=E6282CBB72C12CE118FA2863B63EF666290D10CBF328BF520720A41A059F5C7F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179085Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:46.510{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=553CF9D62668BD02F1E7012F27875B44,SHA256=0494B9712CBFA3CC6225E2AFD9E4AA49D5A0940E7B37A812B9A83D6014C0C922,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:46.358{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=67EB6331400F043BB8E8586CF232E6FD,SHA256=91D4816138C5245F6C672076DC9076E18BA9622982883A05203896A83CAD8B4C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:47.959{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6D8BB19ACEFED22AE31D5CC39B4399E8,SHA256=4FA7C0741573D3A3A9B4FDFA586FE99C436EFA8F1F365C4E301B68632F44C49B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179086Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:47.526{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A4DFE4B7A87F0C77DEBF6EA106306720,SHA256=98B3D7E6A7DE5C0D5FB447D9C6C6F0EE08462B86D5DB244127059AA66E0E70AD,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000256865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:46.284{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60345-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000256864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:47.251{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\aborted-session-pingMD5=D5AA3809B16031CABB6281409D695BA7,SHA256=134952BA27FCFC3EA672F8B26CF8F42E6E8BB4E828A3306D9B68750C77D9672D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:47.173{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+6497|C:\Windows\System32\SHCORE.dll+6387|C:\Windows\System32\SHCORE.dll+62fd|C:\Windows\System32\SHCORE.dll+620a|C:\Windows\System32\SHELL32.dll+55a20|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad 10341000x8000000000000000256862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:47.169{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+1c0e5|C:\Windows\System32\SHELL32.dll+55501|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000256861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:47.169{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF11f2798.TMPMD5=3BFEABEF62EED5634A3D9EC762FF8CF9,SHA256=8CFFE559F97E8DD9937ED59EDD9BA6381AAF578575E36594FEC60085CDEEFEF0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.966{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D654791EE1DE799196B42E6CB349925E,SHA256=7D27C6DD7CB01F2D1F7CDC4E5FB6D1619026FC5CAF65CAA3859C16E57E814775,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179087Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:48.541{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B94F763F77DDC0D1A204964D802CC764,SHA256=037B3F3CEB00ECF8159DA3663C4C5939EA044E3C4EAF3D9BC9152C21C569CABC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.680{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-106C-61E8-7D0A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.677{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.677{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.677{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.677{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.677{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-106C-61E8-7D0A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000256870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.676{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-106C-61E8-7D0A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000256869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.675{ED6274ED-106C-61E8-7D0A-000000002302}7900C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000256868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.116{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:48.116{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179088Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:49.557{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2B24A7A1FCD8C70BAFDD480B4887AAE3,SHA256=DE0515BEE068FE2DBD210217E580A421294003D88F5D64B6AA0386550FF1FF16,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.977{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=459C7D36B622E3DD30F0D76F0BD68B4F,SHA256=69D17089F3D9D59BBF69E4A75950F55E7C1631793918FBBFF0078B5656D477D7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.934{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-106D-61E8-7F0A-000000002302}5832C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.932{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.932{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.931{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.931{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.931{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-106D-61E8-7F0A-000000002302}5832C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000256890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.931{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-106D-61E8-7F0A-000000002302}5832C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000256889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.929{ED6274ED-106D-61E8-7F0A-000000002302}5832C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000256888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.680{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D30CA1300CE91C6CD36122805DCD6E30,SHA256=B52471A08B49BF45950F94E53ABAAB539860F153A769F23B16A09117DB3CB73F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000256887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.678{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=19C9BCB29E6DCC1CAEC4C1A755565AC0,SHA256=E2247BAAF206095B58666FD40EC0FA2D956A5F25A8005A1DA494473E4309FCFC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.548{ED6274ED-106D-61E8-7E0A-000000002302}7836684C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.348{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-106D-61E8-7E0A-000000002302}7836C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.346{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.346{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.346{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.345{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000256880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.345{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-106D-61E8-7E0A-000000002302}7836C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000256879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.345{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-106D-61E8-7E0A-000000002302}7836C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000256878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:49.344{ED6274ED-106D-61E8-7E0A-000000002302}7836C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000257012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.988{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179089Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:50.573{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FA444D3357FC4BCC558601552C2BB0EF,SHA256=F7807B7EE239E0EBA94A977B406AB4033DF985DAB610FAABFCAEE288FBA3AF7C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.987{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.986{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.985{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.984{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.983{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.983{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.983{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.983{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.983{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000256951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000256949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.982{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5BCB09AE47CF2777F91E0A12B6D6E319,SHA256=E2CFA26CF0AD7F0C1F952A0FB2561CF1907A8718454B692547F43BD6F9BAB18E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000256948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.982{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.981{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.980{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.980{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.980{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.980{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.980{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.980{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.980{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.979{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.979{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.979{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.979{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.979{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.979{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.979{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.978{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.978{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.978{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000256924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.971{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.970{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.969{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000256899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.968{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000256898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:50.935{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D30CA1300CE91C6CD36122805DCD6E30,SHA256=B52471A08B49BF45950F94E53ABAAB539860F153A769F23B16A09117DB3CB73F,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179091Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:49.053{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53365-false10.0.1.12-8000- 23542300x8000000000000000179090Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:51.588{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=15399B8406F55B22C24C252B19B120E1,SHA256=A49BDA2D619FBB4A3F07E4686179AA6C256892A29696C016F50950C82A49D970,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:51.057{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0B32D00C028DBE447B3F8F3A1FB16C4D,SHA256=0252A18830F1AB09BC97E07EC56C3A104C39391617373AF417A07669BE09B61D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179093Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:52.604{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2ACB823657CBF008228D30AEB3E8D633,SHA256=5F38D010B67968A33501E63761C8C23E38F27110C10C83570CFB04A66C89E1BD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.583{ED6274ED-1070-61E8-800A-000000002302}73244876C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.305{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1070-61E8-800A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.302{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.302{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.301{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.301{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.301{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1070-61E8-800A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000257016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.301{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1070-61E8-800A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000257015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.299{ED6274ED-1070-61E8-800A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000257014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.051{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1E6B25150743DDE2F81D6E78F7A48612,SHA256=BD9A3A7D6BAB372C5E39059E23096CF03DC792D653F68094BEC3A674DD5E4375,IMPHASH=00000000000000000000000000000000falsetrue 13241300x8000000000000000179092Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:21:52.573{F0653C0F-C6EC-61E7-1500-000000002402}92C:\Windows\system32\svchost.exeHKLM\System\CurrentControlSet\Services\W32Time\Config\LastKnownGoodTimeQWORD (0x01d80d37-0x85bfd4f1) 23542300x8000000000000000179095Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:53.621{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=885CAB934544684BE84C9B308D538564,SHA256=2EEF1D17BB864346B05C69D4F2144B99D1BC0A3808583BE52FEEDC5A84FEEDD2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.359{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=4A1A65A3C72BE5B2A47BB9A06DA94B6B,SHA256=36984D3407D8DFF36BB755F45E11D5527B4A71D0590AE420498D7885678968C2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.331{ED6274ED-1071-61E8-810A-000000002302}74488068C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.082{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1071-61E8-810A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.078{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.078{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.078{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.077{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.077{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1071-61E8-810A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000257026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.077{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1071-61E8-810A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000257025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.076{ED6274ED-1071-61E8-810A-000000002302}7448C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000257024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.062{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B53A146AFA624B58F4B1BD0FD8B77A89,SHA256=273BB13286E18A7F242E9071A1343094579002B5E6EF239E85D3E8C5D663FE26,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179094Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:53.074{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179097Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:52.990{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53366-false10.0.1.12-8089- 23542300x8000000000000000179096Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:54.637{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=07BAED2D0F71194D833A2D27E517704E,SHA256=D2279F3D9DF5B9B9937C47B29CC7E89CE08970519189BB634E023FDA42B2D8BA,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.679{ED6274ED-1072-61E8-820A-000000002302}19767952C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000257047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.467{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60347-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000257046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:53.466{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60347-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000257045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:52.249{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60346-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000257044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.416{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=BAE69552D831DCCE2281830BE3638FFA,SHA256=01C2B045B3BFBAE488C99715F40C1DE4D1E0B040739B4567C26119F8D9A20F4A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.391{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1072-61E8-820A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.387{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.387{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.386{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.385{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.384{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1072-61E8-820A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000257037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.383{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1072-61E8-820A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000257036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.382{ED6274ED-1072-61E8-820A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000257035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:54.070{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2B51A2ADAE1F16102E45DDB7A356C524,SHA256=0839274C382C1928122DD90BA9DE137842909C141E706844EFF472F4C7A1C911,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179098Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:55.653{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7C9E700A14F0CA88C742903C1B330E29,SHA256=47FC2F02A6D80A84939C125B9BA7EA45DA29A12BEE421D9B920BF7CC38E0C7F4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.995{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.995{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.995{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.995{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.995{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.994{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.994{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.994{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.994{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.994{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.994{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.994{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.993{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.992{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.991{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.991{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.991{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.991{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.991{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.989{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.989{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000257049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:55.081{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ED0FDA022E082DA902CF8E1D91B2E232,SHA256=22C9FB58A359FBBA0C9D8881C7F72831E821F8397296782AC7514DF7D5A98559,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179100Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:54.176{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53367-false10.0.1.12-8000- 23542300x8000000000000000179099Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:56.668{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=90E41EDCDCEB7130C31D44D2E1B3AD9F,SHA256=6984401E668EB8A6095D8E5950903A052A0799840910635181F90157F5C48F52,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.467{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=77737C0F4CB6ABEE2F2CC388E17091B7,SHA256=0FB0BB2D99B62CBF7A028C21687B38D0046CD290BE1D143655ED7AD0BD196D1E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.459{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F73ED757FF4E8D4F3364214A93993BD6,SHA256=47178B1C8E4B51ECCF6CE813AD3D5CB94FB9CCD3DC7BC4BFE3699208A5EB95A6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.012{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.011{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.010{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.010{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.008{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.007{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.006{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.004{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.003{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.003{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.003{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.003{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.003{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.003{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.003{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.002{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.002{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.002{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.002{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.002{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.002{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.001{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:56.000{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000179101Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:57.715{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=28066D39A6C30A17C4AC6C9462E4C3B8,SHA256=569231012CB7996D1727BB0F9B67D4E27694ABD21084801DEDB2C77A38C43CB5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.497{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1075-61E8-830A-000000002302}7908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.493{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.493{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.492{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.492{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.492{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-1075-61E8-830A-000000002302}7908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000257168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.491{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1075-61E8-830A-000000002302}7908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000257167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.489{ED6274ED-1075-61E8-830A-000000002302}7908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000257166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.476{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=59BA67CAF8AE5773A24945E25D4BACE5,SHA256=E1DB09EF2CB83AE8CF015E99A8A6E6EA0C1CFFD66ADAB983964A890083602E71,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.232{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179102Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:58.747{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EBBFE4FA766B963B4AE43AE9B5E6D4F9,SHA256=DB9955FF37442CECB4A217EC159FBA2FA56C404E338A9574015A63D4728462E9,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000257177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:57.272{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60348-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 23542300x8000000000000000257176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:58.521{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=65FD08A34B1239ECB4255D31703B64CB,SHA256=6D9991DDA8F085655ED197268C3703B9C0A32AEACBFC933636CAF2B27C5330EF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:58.500{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D5A0E6969635453BC1B3373C607EE7C1,SHA256=DD340AA458885E792631993245B8C9833E39DC83008DD7B7977DB63A4EEBBC02,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179103Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:21:59.796{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C3C7B76C1D94B3950ECC569D8A8CA380,SHA256=C033512B3449A71E9C38781EEF64C74037B77D5624656CB282758914CBAA9CED,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000257179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:58.197{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60349-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000257178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:21:59.524{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DD2131CFDECC324B078B33EF7CB49877,SHA256=D65CE563CEAF7193E42D62C5B01BEAE6E135EC62D7C4017D0DF45012D3BD7D17,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179105Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:00.850{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BAED69E3739C621D7FAD0E9B3A303E70,SHA256=A415463953319E804AEEA4FCA1D7D644EA0D601D68A8B89724D04FDF8581A1FA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:00.543{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DBB66E5EA6A95A1BE5B9B9F6D2FFDCCB,SHA256=4AA05853DA35B859B54CDE03E993B55D5C5D0EEB8534368B24EEF8E34252FB78,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179104Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:00.204{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-305MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179107Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:01.882{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A1B53C389F4138EAFA1220860A722AE1,SHA256=947547BB8FDA8A12265EFB0481B12F6F38BBBE61EA6CBC49707348F09DB1C0A0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.558{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E138D9EAD2B9E93ADCBABB46C1AE5337,SHA256=CC2F9D55648E50B79F2C35FDFE7F5CA455FDDDFF234E4CA2B88058CB7802662D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179106Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:01.210{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-306MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.121{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D361616B0D85E02A2C727FB0C3B9E985,SHA256=EAFFDFF7EAB825695482DCA0C5767D392B623D6B49DFA7F655C13835A0DDB3F0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.047{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.046{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.045{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.044{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.044{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.044{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.043{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.042{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.042{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.041{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.040{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.040{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.038{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.038{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.038{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.038{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.036{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.035{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.034{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.033{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.032{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000257207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.031{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9A2935588675E882D6DE4B809F0C64D4,SHA256=BF85C135D27961FEB6045DF6D29058E401B01A01280876FB3B62CEFBD62AA0E5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.020{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.019{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.018{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.017{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.016{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.015{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.014{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.014{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:01.013{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179109Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:02.929{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D166A1F2C674C76EDB1D8792B51443E0,SHA256=0BA7EBE9AE157254A7B2BA21BF6653879F744C565E6153D02C98334505B5AC6D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:02.564{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8423001F32802E90238C896F956722EC,SHA256=A5E86F632B971EE89836B2FBA1729BE70A4FB35B56034F7EEBCE88E719C1918A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179108Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:00.054{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53368-false10.0.1.12-8000- 23542300x8000000000000000179110Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:03.960{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3541AB70F304B7A5682C1D2D69EFD152,SHA256=3666E9DF13C4371878C605F5660C0785248543E555B469142405794948D8F3B4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:03.570{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5C1505883687ECF7768AF6F8256E3EA1,SHA256=92947FE2EE9322376DAEC0F1FA8067EB7BB3FEFC1CBA92A6E90C1A14CE890638,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000257300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:03.203{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60350-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000257299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:04.578{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=75ACEB8395B17A13C04FE211E2ECBB23,SHA256=14CEAF4856CC2466C48BC6B900B1F7B72F1EA4BB63757ABE3AEE8ABF36E7A3F9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179111Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:05.194{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=664EDB92CEEE5075A4428B55C53E1EDD,SHA256=662D8C03B3E63798473FC9713EEC1A929AFE262A629D1213E9EC7A0EE2137C51,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:05.593{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=638F5248E2698575DD95E9F5CA22DA0C,SHA256=8BC068B52E613ABCE490C57AF5F841F88150CA5D62BDC26C2D8F220A613842A6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.603{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=45B98F611C2E671D476E0028E90C6CC6,SHA256=6F9666561C85AAF409CA5C2E2A79DD5C555639C382AEB67D19708F64B9886E28,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179112Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:06.210{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E0C11BF1077EB2EBB3D6CA94F96A105C,SHA256=B49D4BD9420D53E834D46319F105B4B17CC2BF5588513BC575C88B115CEEFE60,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.240{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B757D908F7AC139027F20EF34A66FC20,SHA256=79E58AC0B22124917C4B75CC9174E01041E8AAC5704E20EE1EDB959F0F8EE6D3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.098{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.097{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.097{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.097{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.097{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.097{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.096{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.095{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.094{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.093{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.093{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.093{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.093{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.093{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.093{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.093{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.092{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.091{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.088{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.087{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.087{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.087{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.087{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.087{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.087{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.086{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.086{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000257328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.065{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B789BAAA63D13DFA86CDEEA8835F7FE0,SHA256=F77B54DA6BA639964A4EAE06682E6C643DD9072BC0FB7190D47E2F64DB1388E1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.063{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.063{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.055{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.055{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.053{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.053{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.053{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.051{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.051{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.051{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.050{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.050{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.050{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.050{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.050{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.050{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.050{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.049{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.048{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:06.048{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000179114Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:06.063{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53369-false10.0.1.12-8000- 23542300x8000000000000000179113Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:07.272{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=213E72888C71DCBD32319EB54AFD9170,SHA256=EE542F9DDD7F793A23E50649DD2E35B50DA7E75A5A3801161563A3AA23248112,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:07.624{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=69F58B62ADE1022EBBB0BFF5F3BA84FA,SHA256=F5E0701CF62361C6EA5C699729E54149B8D1EAA1E56C4E6A07EF06D757C9CB3A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179115Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:08.319{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=239CF2809A77D663D1D847B4C9D1A599,SHA256=7544B685234EE72A944DF77BDA3A411FB33235BEDB52CD926AEAA45C4C0D5C0B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:08.643{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1653572AADE1F5967A3124A51B19EA0D,SHA256=70CA014060598193885E9CA57D64E85D529A1EB4B4642723965DA7912B9D1AC3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179116Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:09.491{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D5FF656B57CAF6BA3A5EF60DAD892090,SHA256=5329FAFBC81BB590D06AB825FC7379E29133A886F526E22CB56A6ED948A24F80,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:09.649{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C8A1E63404A7011D526B12FDEA983F30,SHA256=B1E9732F0BBBEEEED5A03DF141708D9C38C44630D0380EC11F780496E437F206,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179117Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:10.616{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6F36EBF0594EC6162901B82D5967E3EF,SHA256=83EB6BA06B4D707344B71162E7F4A016559624C766C78C9CE4A6C5B9279294A2,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000257422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:08.290{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60351-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000257421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:10.675{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5F85F78C5A42362CF104C66C56D7ED7C,SHA256=92D00D812690468441B6C2A3153B105A4B2B7BB843FDEF3C89B69D078C739F10,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.685{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2377D11AAA8812E8F451FA2A7AF648A6,SHA256=7C194AD4D81E23367B242AAEC32E0982579E34DBC320D3F1B7B5797135B9B162,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179118Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:11.663{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FDC0DE80692BD7A3D4888434165B5D47,SHA256=0D851D94710EE814C85FC3B65A667C688F522BA23EA92693B6CE6DA48E90F758,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.377{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FF86F4BC0F2BB1F4254835055C174FE2,SHA256=513EC61F94863E65C03D164E892865B11C66DB34E5A53B5288C1E771F7D24DC7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.121{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.121{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.121{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.121{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.121{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.120{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.119{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.118{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.117{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.116{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.116{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.116{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.116{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.116{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.115{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.115{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.115{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.115{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.115{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.115{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.114{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.114{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.114{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.114{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.114{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000257465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A72996743D5D2498DD39CB0055148F93,SHA256=576A0BDD36ABC49D08314BB623DFEC6B412B256DBCB74FFD48EC38CD4E657986,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.113{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.112{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.112{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.112{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.112{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.112{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.112{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.103{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.103{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.103{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.103{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.103{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.102{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.102{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.102{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.101{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.101{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.101{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.101{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.101{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.101{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.101{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.100{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.100{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.100{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.100{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.100{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.100{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:11.099{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179119Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:12.710{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C630157B9EF9E46B97D28940B85FF37B,SHA256=5AC2145BCC3A6C4EA46520782E7F19334F0E5F79F962483AB54D4EFED8835060,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:12.699{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D26237AD5BF1525B486BC36256D8078A,SHA256=99D9ACB18CC3B154C13C151C9EBE3CED9D8F5D6300F6E799187B02A9CE0DF76E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179121Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:13.975{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=D3E9713B142FCE2E10F5FB7C295F7958,SHA256=5BD991B12295E91E28E071299BBF9D4AF03C71B0FC0F6BCFCD709463B465A2E9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179120Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:13.788{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1A084F209C27AF7BCB534CC4E46897A9,SHA256=15D0B55AB56D76C9C9840C9D26D635F6B26923A3771A9D21FE5B120A960F773C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:13.703{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0598D665A03A634F4E574117FC292A0,SHA256=BA2C6C322E78EBFF86D0914F411834AD7526225A0BB0C95A059E71BC72B0376C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179123Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:14.882{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=64B39DCD0A36E319F63013930D0FE2A9,SHA256=FCAB2F7463700CDC8E087DDFDF8CC1F0F96F96B6496C2BDFEBA98EA006E08549,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:14.748{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=277C67A104779964041AC512B0168C5F,SHA256=2DB79C77E93F9126B70ABA357DB07A2BE28E0008E4ACE509097ABA4DC013E6CD,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179122Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:11.983{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53370-false10.0.1.12-8000- 23542300x8000000000000000179124Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:15.897{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=369FDAA7F08E83EC231ED2BC7FC451CE,SHA256=1C1E1CBC6047EFB6BCFD811D0A167C242684C0E40FBEBD6D96334474295EE717,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000257543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:14.068{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60352-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000257542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:15.758{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7B13F77FADFB63DF14D739E14AD6A077,SHA256=6128C81926599B19EB6067C8E695B1A1205918B469CECC3AE7D22A71A69D617E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.771{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C16AF72B1E1354511BE86231EF105D0B,SHA256=1C67731D39D0653641790E210644357FC1ECCA777F7E57F69487B2EDE1FED4C9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179125Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:16.913{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9C5E6780228D2BE8296535212EB0D8E0,SHA256=B5C30790AF29B09F0D3B01971C66DD3DEB1F80B32ECCAF21D9EC7F191F7D142F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.243{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=89FB835EE429CFA9E5F5B02BF90FC795,SHA256=3D79BB613A7633BA99ADDC55D90014FC4B5941F2E7D1D332ABF40DCCDD0FFDA4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.154{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.154{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.154{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.154{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.154{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.154{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.154{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.153{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.152{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.152{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.152{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.152{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.152{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.150{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.149{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.148{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.147{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.146{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000257570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.142{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DFAB880BAF61095AF91B3D32609A709F,SHA256=C455C9BCA0EC3779AEFB0DD1CB547A4C6DD4E225B66D454B94F5A1B8085800C8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.126{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.122{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.122{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.122{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.122{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:16.122{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000257660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:17.798{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=519B1718DB3C8F90E3C17B52F7317621,SHA256=C11E823641777009C38434E2D5549E6095623167806F3597E36BEC5AEEEA0BC5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179126Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:17.929{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0AD386D6524884D296E4A217DF92ABCA,SHA256=A3E9453BFB8227413170AB822FE577AA3E70557164DA32AA713F406ADECCA1ED,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179127Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:18.929{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E7444C676E377516B53F190C5878B55C,SHA256=8A0C7805EC104760B72F67267CA270C48782A7A276900DCBFD2F7FA30CD1902C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:18.802{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=98CE6D8EFCE16A5A7DD45027BB02D792,SHA256=6B14A2DD299DBE2FD46870C27924F4F132CEB1FF3A1A2212CE4F69AE61581A65,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:19.836{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1D32B150D8DE8F5143E8CC1980897F4B,SHA256=824685B1017C0DC0EF2E9F0599213F6EA31A9D3568BCE08204D4E9A0F0608609,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179129Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:19.944{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A597D8924BE7740AFDCA92391A848BD7,SHA256=0301CA9A67810A41198D9DE178B1126BADAE63F644269F14E349A0339D2FCC27,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179128Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:17.139{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53371-false10.0.1.12-8000- 23542300x8000000000000000257663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:19.698{ED6274ED-0D92-61E8-F709-000000002302}7808ATTACKRANGE\AdministratorC:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\Network Persistent State~RF11fa69c.TMPMD5=38A9AB95647C23178486F917019DA643,SHA256=7304D9BE67A4665A445416B64A09C343CFA1BACFE4518B586404CA8A2C85C85C,IMPHASH=00000000000000000000000000000000falsetrue 254200x8000000000000000257662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localT10992022-01-19 13:22:19.695{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exeC:\Users\Administrator\AppData\Roaming\discord\be74a141-05a8-408f-a83a-300c5ee1a232.tmp2022-01-19 13:09:48.1132022-01-19 13:22:19.666 23542300x8000000000000000179130Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:20.960{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BEE50740414F5FC1EDEFD62FC2CBEC0D,SHA256=473AE0A2D08B0DA3A5B823D100109548C7A326ADE9A17063E22D7B3FA64E7F9B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000257676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:19.269{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60353-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000257675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.844{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C45F4A9B99C0B1FE50ECA87C1593C8FA,SHA256=24BE887A1D8D223A6B9F5D6C45E62866EEC947E0085F8DD77AF75E28030737DD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.501{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.500{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.500{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.483{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.482{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.482{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.482{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.373{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.361{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000257665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:20.361{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179131Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:21.975{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D799FEFF0151A3E31552686F27802329,SHA256=27ECBCD22D21E3D0CF4B0221EBBC61580D605D8CD41DF26187C2F054F8863E96,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.853{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=373D63A2F12D155E31BE3BDC1A7F7879,SHA256=706498CAB42652F557FA03BE40A10C372FEF3B46C2374DA940B299C4CE0034C4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.835{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000257791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.351{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=028A955C46EE064331CEE3E497402B48,SHA256=D2D791F697295245CD75A0D0ACDCEE91BC23C3FD4F71DA5596D1D8C291D2FC7F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.344{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5776C69CB90F1ECE3DF4D494AFF8657A,SHA256=FAC2EEFB0F6BDDA965C4227DC15EBC124A4654FA5FD80E1F47CF93397873F386,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.145{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.144{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.142{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.141{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.139{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.138{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.138{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.138{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.138{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.138{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.138{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.138{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.137{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.137{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.137{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.137{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.137{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.134{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.133{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.133{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.126{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.126{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.126{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.126{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.126{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.126{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.125{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.124{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.123{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.122{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:21.122{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000257795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:22.888{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EB36E1D3FA3621A77A0D0FBBD9229E24,SHA256=A816627748D8C29C859DF5A94D4631DA191F490064D433AC5B9405C980629028,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179158Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-108E-61E8-2809-000000002402}1648C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179157Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179156Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179155Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179154Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179153Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179152Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179151Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179150Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179149Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179148Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-108E-61E8-2809-000000002402}1648C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179147Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-108E-61E8-2809-000000002402}1648C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179146Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.992{F0653C0F-108E-61E8-2809-000000002402}1648C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000179145Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.492{F0653C0F-108E-61E8-2709-000000002402}18001008C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179144Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-108E-61E8-2709-000000002402}1800C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179143Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179142Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179141Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179140Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179139Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179138Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179137Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179136Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179135Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179134Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-108E-61E8-2709-000000002402}1800C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179133Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.319{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-108E-61E8-2709-000000002402}1800C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179132Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.320{F0653C0F-108E-61E8-2709-000000002402}1800C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000257794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:22.069{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=05B20B7AFCBA266F63CBA9734A74F161,SHA256=906167ACA76AD90B92CB5E42C25F3F81E7D23A6EBD090ADBC8131933B2510DFB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:23.908{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E24F1D1A70F8BC3C31A0103377E6F248,SHA256=473ED8F0D2E3BEAF6BAE8A7E62204AEEE42ED315066E1D46B2E9572A3A38C162,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179174Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-108F-61E8-2909-000000002402}1948C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179173Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179172Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179171Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179170Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179169Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179168Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179167Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179166Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179165Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179164Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-108F-61E8-2909-000000002402}1948C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179163Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.522{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-108F-61E8-2909-000000002402}1948C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179162Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.523{F0653C0F-108F-61E8-2909-000000002402}1948C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179161Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.350{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=44793661FEBB0AA548F4565C06271011,SHA256=DFB71976743786BD1182DF367B4457B765507F487BF5D92226D23686DF16C916,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179160Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.350{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F2C416B6E03354D26943F603E2CC8767,SHA256=5C727F43CE475AC47B4E63750DE1DACD0E80B0A01A821434AFED301D3D14083A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179159Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:22.991{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4EC16FD0575CF659000D6B80B8A3979A,SHA256=CCCFEA5BED865BAE639C0F24A0262B5142436A71A29E3674349D41538EFC4E8F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:24.922{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B301FF819AA7EE9FC2FBF2CB21FD2852,SHA256=01C295429F96F6AF29C65849F448249F302DC68BA2B216152A7BEB85B88FB74D,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179177Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:23.061{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53372-false10.0.1.12-8000- 23542300x8000000000000000179176Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:24.616{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=44793661FEBB0AA548F4565C06271011,SHA256=DFB71976743786BD1182DF367B4457B765507F487BF5D92226D23686DF16C916,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179175Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:24.007{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0B6D572E961F195F3CA39CD733E08098,SHA256=92D5A80978D7F3BBDC9E5B9E2D24B94A5BC47EECA5F89DD813F3BF2ABF45B610,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179178Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:25.116{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=81FD57C03474F8A1092C78E0408ED356,SHA256=94A6BE31740E47E93F51E3DFF98FFDB25F8EA2A7F322E9B02F33EF02E5F1DD19,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:25.936{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1C887CE615E397A0AC6B49CEA9F6F46F,SHA256=DECA9A8DC7E2CF4B45489B010EFE6F3ECDF361169799FBC96F4084EA5BF3777C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.937{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7D86711BD3E044057E8855E80F57011B,SHA256=A96F012DF4BDE33D1D25A50A76C6892A5E9203C177082023CABFE5AFF36E09ED,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.267{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=56A58FF4D552400C11D0983C36D70B64,SHA256=D9D7F6A7AA83714DC09AFFC81FC0544A9CECE271969C138830EFBB94521D4DFD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000179193Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.913{F0653C0F-1092-61E8-2A09-000000002402}6963720C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179192Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1092-61E8-2A09-000000002402}696C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179191Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179190Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179189Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179188Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179187Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179186Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179185Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179184Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179183Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179182Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1092-61E8-2A09-000000002402}696C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179181Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.710{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1092-61E8-2A09-000000002402}696C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179180Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.711{F0653C0F-1092-61E8-2A09-000000002402}696C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179179Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:26.241{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=711F0B3430ACB92BAB5EA10C71655647,SHA256=1C2219BA07BA0362CD66B6ABBCFD882B05819CF94EF89325CB9AF8E5470F34E9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.184{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.183{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.183{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.183{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.183{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:26.136{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000257799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:24.272{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60354-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000257916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:27.952{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=221D5C71520B4322970E6FB2BD042FDE,SHA256=7C550E61BB32CA1869BBFDAE287A406240EB60B3918FEFD3A1EFE34BAE2F6669,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179222Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1093-61E8-2C09-000000002402}3468C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179221Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179220Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179219Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179218Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179217Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179216Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179215Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179214Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179213Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179212Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1093-61E8-2C09-000000002402}3468C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179211Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.897{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1093-61E8-2C09-000000002402}3468C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179210Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.898{F0653C0F-1093-61E8-2C09-000000002402}3468C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179209Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.757{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=DD35208CDBA0D3E273639191C8D0E37A,SHA256=6FB08B3B1459140281C81C8CE2F87AA22B8437A4846A6E8E423234894B245453,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179208Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.585{F0653C0F-1093-61E8-2B09-000000002402}19643500C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179207Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.397{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AE8895916A069DB1E602A2C2D99B317B,SHA256=92E6E8B5CB9C84BCAF641843CBE26E30B1CA8887F32F68B41B03C0406B4F9CCC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179206Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1093-61E8-2B09-000000002402}1964C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179205Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179204Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179203Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179202Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179201Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179200Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179199Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179198Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179197Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179196Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1093-61E8-2B09-000000002402}1964C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179195Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.382{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1093-61E8-2B09-000000002402}1964C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179194Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:27.383{F0653C0F-1093-61E8-2B09-000000002402}1964C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000257915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:27.755{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-305MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:28.967{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E67BDCAA42445312AA0FEE4243F83DF5,SHA256=BAE7A40DFA49F92F2230693B797C3FD4797D5C0DF823C0B12002A8E7C185FEAE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179224Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:28.522{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2D8A2DD8CD44288238F520BFF399EE62,SHA256=D9E95200C0E9DFC11C4273A2282B683B82B49CD1C6978BFFBB2F30A7EF26E88E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:28.768{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-306MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179223Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:28.054{F0653C0F-1093-61E8-2C09-000000002402}34683348C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000257919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:29.973{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=99C42AF126FF0FE7989CF00EB7EB54B7,SHA256=B50F2D1FD1E4C68F7EEE596C85AEA0F97188A8FB7E9097AC54B6C2B3635B2AA4,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179240Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:28.139{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53373-false10.0.1.12-8000- 23542300x8000000000000000179239Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.585{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D0626DF86AD3FDF28D0E8BFF4610FCAE,SHA256=76535CC7A6523858EACD5AF3DDAF77CA501320DA798A3B33D74426D67797666E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179238Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.069{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=C8A1A53CBEA3285E4D97973A43621099,SHA256=6182C0A7422F6EED8D0E45BA42DBE7A12C4906A4B8620C9B87319F487BA4C1D7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179237Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1095-61E8-2D09-000000002402}3140C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179236Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179235Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179234Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179233Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179232Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179231Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179230Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179229Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179228Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179227Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1095-61E8-2D09-000000002402}3140C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179226Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.022{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1095-61E8-2D09-000000002402}3140C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179225Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:29.023{F0653C0F-1095-61E8-2D09-000000002402}3140C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179241Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:30.647{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8439CFA46CAD1B946D60D592ADBDE5F9,SHA256=30F318195449C25882585DFB8FE75AD83ECF8FC8E10434882321E6199C211BAC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000257920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:30.990{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=64755033236D35AB0F7DF7E7D81B16B9,SHA256=DAA71803D885DE7819CB0A9FC09E0079BE4F5F52AF01C4E2EA66B51C962EA237,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179242Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:31.725{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=49947E763FCAEAC8788D1FC30A7161A8,SHA256=998681CEDE9CC4BF71D56632AA0A841A2481B4CA691AA5083DE6C818002F92C8,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000258036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:30.206{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60355-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000258035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.371{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F5B88E75584D4698190EBAAF19C80A09,SHA256=71DD0F64C533EC656AC11F66AB5D77945A16BBCFFD0FB906146EDFD3134B2944,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000257979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CA1337F9FF0107CA92584953DCD8982A,SHA256=C5A0C40C7F68D35CF37DE733112C7BDD895247DE661601C6795990365F46CE54,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000257978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.155{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000257972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000257946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000257921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:31.140{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179243Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:32.757{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1537ADCBB07AEF500ADBCAE495B36851,SHA256=524CCB3499338E31EB0CD6EFEC82EFD46E871C10A93CBFF0EA11D40CB10DD481,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:32.008{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=758AAE92F7AC601C32287E70530B21E0,SHA256=CCE6F740B1DFC4A4F38F115E708BD0DA527BDEC3BB1B626CE80AE1C59C3BB7D0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179244Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:33.788{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=32D60E144A5BC1D165DF1935C5EF6A37,SHA256=88878A951F37F0DACAC1B111C96628A04C98238C675DA5766317DDC1E80D88C4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:33.023{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C87A3B3E6E3DC8DA388F76F70053A242,SHA256=E5A7D58C32CEDEA084C9D77E4D6F2519EFB10F106BFAC47519DE46D05221FAD5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179245Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:34.819{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=53D91BAF7746735ED45CB0316E1A7F6E,SHA256=4BF580ECBF7A10E415E094EFCEA4B5BF037F43FFE9AF4ED8A72BA2D7C8F3A11E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:34.053{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=41374FB2922DBDEEBF50F6ED6499DE3D,SHA256=CED46C032EDD4647068E3415B2740E574A8C394883ABAEBAACAD78F281FD5B40,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179246Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:35.850{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E7F5172CF9DE8993CA6103F4EC020828,SHA256=A591F403A071EA4D977927E971A49966008598A900A18F1A6BE9C0721A2AE70A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:35.068{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8F2E11692DF3F4DAF67A77D5B2F8FF2,SHA256=419CC5EA7F8FC7715D54352AF866F17FE7A836B619F7BBF362E3BE2E76C3554D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179247Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:36.866{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FAECE6F860B5064444B47D9E798EF39D,SHA256=3A8D3EA5A3C1792CF66B4325C684C60051BF3F016CA77A8BE60004481CF3C5EA,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.704{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.704{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.604{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B492D07A5E2AA4439057549418E4307F,SHA256=D6A87900C8D86BA72EA9C17D2749E39E8064045191ADB3BA4EA28E6F3FC1CA63,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.488{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.467{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=16C21AEAC3AB0779360127439993ECD9,SHA256=F1C87C9C3B17F09B48AE328FC43F4B948436018A26A4A013EBFC6CAFC22F23A0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 13241300x8000000000000000258213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDBSetValue2022-01-19 13:22:36.204{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exeHKU\S-1-5-21-1045181283-1041755688-4012098945-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Temp\new\stage2.exeBinary Data 10341000x8000000000000000258212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\pcasvc.dll+52e4|c:\windows\system32\pcasvc.dll+58a9|c:\windows\system32\pcasvc.dll+5b49|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1440C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+5bab|c:\windows\system32\pcasvc.dll+5b07|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-C83C-61E7-B500-000000002302}47006460C:\Windows\Explorer.EXE{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Windows\System32\windows.storage.dll+a912f|C:\Windows\System32\windows.storage.dll+a8da5|C:\Windows\System32\windows.storage.dll+a8896|C:\Windows\System32\windows.storage.dll+a9d08|C:\Windows\System32\windows.storage.dll+a86be|C:\Windows\System32\windows.storage.dll+ab4d5|C:\Windows\System32\windows.storage.dll+ab854|C:\Windows\System32\windows.storage.dll+aae90|C:\Windows\System32\windows.storage.dll+ad6ba|C:\Windows\System32\windows.storage.dll+ad472|C:\Windows\System32\SHELL32.dll+3f8bd|C:\Windows\System32\SHELL32.dll+3e456|C:\Windows\System32\SHELL32.dll+801e1|C:\Windows\System32\SHELL32.dll+6717e|C:\Windows\System32\SHELL32.dll+18ce6c|C:\Windows\System32\SHELL32.dll+18cbc3|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 154100x8000000000000000258154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.202{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe10.0.18362.1500ПроводникОперационная система Microsoft® Windows®Microsoft CorporationTbopbh.exe"C:\Temp\new\stage2.exe" C:\Temp\new\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=14C8482F302B5E81E3FA1B18A509289D,SHA256=DCBBAE5A1C61DBBBB7DCD6DC5DD1EB1169F5329958D38B58C3FD9384081C9B78,IMPHASH=F34D5F2D4577ED6D9CEEC516C1F5A744{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\explorer.exeC:\Windows\Explorer.EXE /NOUACCHECK 10341000x8000000000000000258153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.188{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.167{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.151{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:36.035{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179249Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:37.882{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A5568E9613D133E8E58C3C729BC50D0B,SHA256=5B69E0AE61E241ADB19EDB35B4F046FB677D8E1FB07617E8863346692263DAC6,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179248Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:34.045{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53374-false10.0.1.12-8000- 11241100x8000000000000000258243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.995{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_ahjbuvff.i1v.ps12022-01-19 13:22:37.995 10341000x8000000000000000258242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.975{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.968{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.483{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.431{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-109D-61E8-860A-000000002302}1172C:\Windows\system32\conhost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.431{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-109D-61E8-860A-000000002302}1172C:\Windows\system32\conhost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.427{ED6274ED-109D-61E8-860A-000000002302}11727988C:\Windows\system32\conhost.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.416{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-109D-61E8-860A-000000002302}1172C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.413{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-109D-61E8-860A-000000002302}1172C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.407{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.407{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.407{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.407{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.407{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.406{ED6274ED-109C-61E8-840A-000000002302}316336C:\Temp\new\stage2.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+d7f5c(wow64)|C:\Windows\System32\windows.storage.dll+12427f(wow64)|C:\Windows\System32\windows.storage.dll+123f9f(wow64)|C:\Windows\System32\windows.storage.dll+123ce7(wow64)|C:\Windows\System32\windows.storage.dll+124cd5(wow64)|C:\Windows\System32\windows.storage.dll+123b11(wow64)|C:\Windows\System32\windows.storage.dll+125eea(wow64)|C:\Windows\System32\windows.storage.dll+1262f7(wow64)|C:\Windows\System32\windows.storage.dll+125915(wow64)|C:\Windows\System32\shell32.dll+1711b4(wow64)|C:\Windows\System32\shell32.dll+17108e(wow64)|C:\Windows\System32\shell32.dll+1ae43a(wow64)|C:\Windows\System32\shcore.dll+2fffa(wow64) 154100x8000000000000000258228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.398{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe10.0.14393.206 (rs1_release.160915-0644)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXE"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMQAwAA==C:\Temp\new\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=65D86C34814C02569E2AD53FD24E7F61,SHA256=8133502266008B77DE7921451E1210B0EF3F0ED2DB7D8D3EE0C3350D856FA6FA,IMPHASH=5E0145CEF36FA9BFBA7DE33AA683B8ED{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe"C:\Temp\new\stage2.exe" 10341000x8000000000000000258227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.398{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.391{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.391{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.355{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.190{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=C417E7AF988FB5260FFE19F1ED3EE8A8,SHA256=3945F093BBCF5150334A114B89DA4525C6F2627C521A29D01D326199EEE0B8F5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.190{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=A585D4F29C83C61FFADEF1D831F5E2B1,SHA256=FC05AA7957AEE0F0EA386F5D15D01C695C3BFF27974273F338D4017DB9EE42DF,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000258221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:35.285{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60356-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000258220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:37.159{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2C9FEF03390B2A23082D91F06AB4A34C,SHA256=3F74B84C631F46B882BFB99CDA762D1FB2498CB915A09A77F70848C434B2306E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179250Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:38.913{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E74CCD9C0172B4339D9258573BBE9C65,SHA256=DA652315F823AB602C0BC25A30985DFE82FCDD8D394A709C746505B4E9669F70,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.534{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.534{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.455{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.455{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.414{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=C417E7AF988FB5260FFE19F1ED3EE8A8,SHA256=3945F093BBCF5150334A114B89DA4525C6F2627C521A29D01D326199EEE0B8F5,IMPHASH=00000000000000000000000000000000falsetrue 17141700x8000000000000000258247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:22:38.180{ED6274ED-109D-61E8-850A-000000002302}7324\PSHost.132870721573982797.7324.DefaultAppDomain.powershellC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 23542300x8000000000000000258246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.177{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D678186288F85959864B026C1A1B25A5,SHA256=B8E1419A789893394B182823DCE5734B8EEFF72702C868D21C9DBEA67F5D8DA6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.164{ED6274ED-109D-61E8-850A-000000002302}7324ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_j0wnvqwk.01e.psm1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:38.163{ED6274ED-109D-61E8-850A-000000002302}7324ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_ahjbuvff.i1v.ps1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:39.182{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F989283E378C53758256412388AFA17A,SHA256=815BB2F80CD577E75AC2C387DA9B12D5DB3D5437C2064687397DA052ED0330BA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:39.003{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-PowerShell_OperationalMD5=5C67F17BFC367FA77BE7D092C9FF6E64,SHA256=0CB1399AED0D634899315B932A25F944032D2E6939E846D97A6B948EC206390E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:40.218{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9FA554C316B4BD746E73457A62A7702A,SHA256=A66F70188A8161D8E6CC110599C8A28D825C29171B8FB278AF6DEC854CA2FD65,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179251Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:40.007{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B4DFB6C2C22441B63D6A5FCA79230269,SHA256=E4C0F299C56FC34E8A30BC3E35D50E6A01E10021871011FFF3DBA09FE5D6FFD3,IMPHASH=00000000000000000000000000000000falsetrue 17141700x8000000000000000258408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:22:41.979{ED6274ED-10A1-61E8-880A-000000002302}7644\PSHost.132870721617840327.7644.DefaultAppDomain.powershellC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 23542300x8000000000000000258407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.948{ED6274ED-10A1-61E8-880A-000000002302}7644ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_slm4bvic.u50.psm1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.948{ED6274ED-10A1-61E8-880A-000000002302}7644ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_bvmpysh0.jwl.ps1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 11241100x8000000000000000258405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.932{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_bvmpysh0.jwl.ps12022-01-19 13:22:41.932 10341000x8000000000000000258404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.901{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.895{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.879{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.801{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-890A-000000002302}8156C:\Windows\system32\conhost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.801{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-890A-000000002302}8156C:\Windows\system32\conhost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.801{ED6274ED-10A1-61E8-890A-000000002302}81567736C:\Windows\system32\conhost.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.797{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-10A1-61E8-890A-000000002302}8156C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-10A1-61E8-890A-000000002302}8156C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-10A1-61E8-870A-000000002302}51326804C:\Temp\new\stage2.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+d7f5c(wow64)|C:\Windows\System32\windows.storage.dll+12427f(wow64)|C:\Windows\System32\windows.storage.dll+123f9f(wow64)|C:\Windows\System32\windows.storage.dll+123ce7(wow64)|C:\Windows\System32\windows.storage.dll+124cd5(wow64)|C:\Windows\System32\windows.storage.dll+123b11(wow64)|C:\Windows\System32\windows.storage.dll+125eea(wow64)|C:\Windows\System32\windows.storage.dll+1262f7(wow64)|C:\Windows\System32\windows.storage.dll+125915(wow64)|C:\Windows\System32\shell32.dll+1711b4(wow64)|C:\Windows\System32\shell32.dll+17108e(wow64)|C:\Windows\System32\shell32.dll+1ae43a(wow64)|C:\Windows\System32\shcore.dll+2fffa(wow64) 154100x8000000000000000258390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.784{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe10.0.14393.206 (rs1_release.160915-0644)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXE"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMQAwAA==C:\Temp\new\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=65D86C34814C02569E2AD53FD24E7F61,SHA256=8133502266008B77DE7921451E1210B0EF3F0ED2DB7D8D3EE0C3350D856FA6FA,IMPHASH=5E0145CEF36FA9BFBA7DE33AA683B8ED{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe"C:\Temp\new\stage2.exe" 10341000x8000000000000000258389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.779{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.764{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.764{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.748{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.717{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.717{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.717{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\pcasvc.dll+52e4|c:\windows\system32\pcasvc.dll+58a9|c:\windows\system32\pcasvc.dll+5b49|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C6F3-61E7-1100-000000002302}83704C:\Windows\System32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1440C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+5bab|c:\windows\system32\pcasvc.dll+5b07|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e|C:\Windows\System32\RPCRT4.dll+20cc7|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C837-61E7-A600-000000002302}34043900C:\Windows\system32\csrss.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.664{ED6274ED-C83C-61E7-B500-000000002302}47007504C:\Windows\Explorer.EXE{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Windows\System32\windows.storage.dll+a912f|C:\Windows\System32\windows.storage.dll+a8da5|C:\Windows\System32\windows.storage.dll+a8896|C:\Windows\System32\windows.storage.dll+a9d08|C:\Windows\System32\windows.storage.dll+a86be|C:\Windows\System32\windows.storage.dll+ab4d5|C:\Windows\System32\windows.storage.dll+ab854|C:\Windows\System32\windows.storage.dll+aae90|C:\Windows\System32\windows.storage.dll+ad6ba|C:\Windows\System32\windows.storage.dll+ad472|C:\Windows\System32\SHELL32.dll+3f8bd|C:\Windows\System32\SHELL32.dll+3e456|C:\Windows\System32\SHELL32.dll+801e1|C:\Windows\System32\SHELL32.dll+6717e|C:\Windows\System32\SHELL32.dll+18ce6c|C:\Windows\System32\SHELL32.dll+18cbc3|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.665{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe10.0.18362.1500ПроводникОперационная система Microsoft® Windows®Microsoft CorporationTbopbh.exe"C:\Temp\new\stage2.exe" C:\Temp\new\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=14C8482F302B5E81E3FA1B18A509289D,SHA256=DCBBAE5A1C61DBBBB7DCD6DC5DD1EB1169F5329958D38B58C3FD9384081C9B78,IMPHASH=F34D5F2D4577ED6D9CEEC516C1F5A744{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\explorer.exeC:\Windows\Explorer.EXE /NOUACCHECK 23542300x8000000000000000258372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.517{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EDE6854CC3F098EC2B00356165A0B3CA,SHA256=3CD0076A6F04988B27C15371E59220F79DE0F810AD484EF2D7E3F42B67263617,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179253Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:39.186{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53375-false10.0.1.12-8000- 23542300x8000000000000000179252Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:41.022{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E59FB41BF3B8F3587F78C6E12A63E300,SHA256=323465741508D09B346744F48EFB50849DA5E3F71A6F5B907816D0DF8762B1B3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109D-61E8-860A-000000002302}1172C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.180{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.164{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000258415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:42.678{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-PowerShell_OperationalMD5=464BA0B7D78DD31608C826A9810E1E76,SHA256=419C6F228215DD2F96264D4F74F75393A65BE829396A88D73266BFE263926F77,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:42.678{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=922047C70C85C54B981330AECCF53EA0,SHA256=FC471D72FFC0A1778AD2E1E4801F5DD4413BDF183596779F737950CD4470D022,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:42.647{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5FE4054C533153A6CF725393BD0EC283,SHA256=695DF2B1AA3D1F0CBF8EA7F4B3E590227E3A253D96E8E691C4785547B3737C5A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179254Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:42.069{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=240BE4306CAD04FD3509832978B297C0,SHA256=015692ADFA45551533E65E168EFF22C61065131F032531BE4686607B6428DD6E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:42.079{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:42.079{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:42.032{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:42.032{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:43.677{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DDC31060217165CBB17185464D657D3E,SHA256=7D36A144AFEFA23497AE6D40BECEB036BBF301AD46AA0D63553427663C175FC5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179255Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:43.100{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1746175822E3C3B44B69C27373581BB0,SHA256=00C2304313ED7F4345A2ECC906420E299C83DA4B32B113EAD664D5D69C791C4C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000258416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:41.129{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60357-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000258418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:44.698{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DBD007D386C46123889103BBAEE919B7,SHA256=57B3CB521C06AB3A24E3C34EA3EBD6500B644270996D35C6F81DD5C3DDC108B1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179256Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:44.116{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6A91E80C78393BC7416D585BFE4E2AD3,SHA256=5DB26A770D76453C9FE3D80074F2DE7F03C6547B274D5BFC977B1E95638B2815,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179257Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:45.304{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=98393FEAD9721FD881682D1C3B16415B,SHA256=83508056422AB70DEC39EE4C609A30806C59EC20A7B0D00B4666A229C58F68CD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:45.714{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=97F64C636832C96A2ABFDAFB2BAF1E7A,SHA256=6EE6FDAD2F31BB8337237662098B79441AD7AC2C985CAE3B8E8C0518EC4DCD27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.729{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=36A71E1E0ABD9A3B917F9BBBD1844CE8,SHA256=C9B77FF6CE4E9A6733D1B59D9E65B5528F3CA17FAB4277480F225BD0B84728DA,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179259Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:45.061{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53376-false10.0.1.12-8000- 23542300x8000000000000000179258Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:46.319{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0073E6688FD30EAF7B64F0BE897ECA65,SHA256=628F42004FD0052BB7FF5FFE00EB91AA49E8965B65DB31BF8B3C8A0576A29F0F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.445{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=14989AB50C755A3FD26F68A08E8D50CB,SHA256=F56EC9DFA41D4A89322329D464CE55F519A144427CBAE0286B54862929137786,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.245{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EE6D15F6AB2C59F46F39CB4422B3A7A2,SHA256=D2B9F81F6BCF2B7E425F6544C6964CEA2B693004A6CFCC2295A0809A80277969,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-890A-000000002302}8156C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109D-61E8-860A-000000002302}1172C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109D-61E8-850A-000000002302}7324C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000258453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E9580B1FF4A307A4C2FEEBAB266B7831,SHA256=FCE5A6236395414D864E7A0D1EC24F18A3860CDDAB0B9980C05CFEE5F7AA27FC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.198{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.194{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.194{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.176{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000258544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:47.744{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B342839C5331C667A569BF27DA56195E,SHA256=CD5A263F3366F67B2DA0D3060894AE00C3108641708560D2C75EC8BE6F18D298,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179260Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:47.335{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=54BBCBCDB24CB01E99B38C1B01B6D85F,SHA256=90168D990DB31F779A831F9227A368A9E598E9A3CE5958312265F6B9CE5A9AB2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:47.729{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=A5A7B0C3C2DF29ADE0C29B03920E7002,SHA256=E3BFAFFA520B83DB3C2D9F151BD20ACFB7EACF2A3CBFFB8B40E20A2FF1007B2D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.977{ED6274ED-109D-61E8-850A-000000002302}7324ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractiveMD5=446DD1CF97EABA21CF14D03AEBC79F27,SHA256=A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.745{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BD655A55D687A6C91C47AF76A4E19D1C,SHA256=953414577587E3706652AE2625F8A5DF016060C7360F6A7B868DFF51FC007609,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179261Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:48.335{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CFF44D7EB53F6133F5CA6EE459E045D8,SHA256=B4E22A82C3D4391F992A0127910E1801397841F8A95E05B03BFB98269AF267A1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.697{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10A8-61E8-8A0A-000000002302}7712C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.695{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.695{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.695{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.694{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.694{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-10A8-61E8-8A0A-000000002302}7712C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.694{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10A8-61E8-8A0A-000000002302}7712C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.692{ED6274ED-10A8-61E8-8A0A-000000002302}7712C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000258547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:46.261{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60358-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000258546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.044{ED6274ED-C83B-61E7-AD00-000000002302}41846904C:\Windows\System32\RuntimeBroker.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\System32\combase.dll+380db|C:\Windows\System32\TokenBroker.dll+1158a|C:\Windows\System32\TokenBroker.dll+d335|C:\Windows\System32\TokenBroker.dll+d669|C:\Windows\System32\TokenBroker.dll+1ff53|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+54193|C:\Windows\System32\combase.dll+129f|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+8ab6b|C:\Windows\System32\combase.dll+8c0b2|C:\Windows\System32\combase.dll+39b43|C:\Windows\System32\combase.dll+8c1cd|C:\Windows\System32\combase.dll+37f1c|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+3534e 10341000x8000000000000000258545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.044{ED6274ED-C83B-61E7-AD00-000000002302}41846904C:\Windows\System32\RuntimeBroker.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\System32\combase.dll+380db|C:\Windows\System32\TokenBroker.dll+22ee6|C:\Windows\System32\TokenBroker.dll+114b3|C:\Windows\System32\TokenBroker.dll+d335|C:\Windows\System32\TokenBroker.dll+d669|C:\Windows\System32\TokenBroker.dll+1ff53|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+54193|C:\Windows\System32\combase.dll+129f|C:\Windows\System32\RPCRT4.dll+651cb|C:\Windows\System32\combase.dll+3b22c|C:\Windows\System32\combase.dll+3aee2|C:\Windows\System32\combase.dll+8ab6b|C:\Windows\System32\combase.dll+8c0b2|C:\Windows\System32\combase.dll+39b43|C:\Windows\System32\combase.dll+8c1cd|C:\Windows\System32\combase.dll+37f1c|C:\Windows\System32\combase.dll+36c4f|C:\Windows\System32\combase.dll+52179|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd 23542300x8000000000000000179262Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:49.350{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=30B3B2460B9C47FEB8B29B04D86E492E,SHA256=FC4BFE00CD2193C9BB2290149514687E6D705D0D46DE07F59A520BD0468A80C0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.613{ED6274ED-10A9-61E8-8D0A-000000002302}45722628C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.460{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.460{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.413{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.413{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 17141700x8000000000000000258591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:22:49.394{ED6274ED-10A9-61E8-8B0A-000000002302}3644\PSHost.132870721690080950.3644.DefaultAppDomain.powershellC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 354300x8000000000000000258590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.135{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60360-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local49666- 354300x8000000000000000258589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.135{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60360-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local49666- 354300x8000000000000000258588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.134{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60359-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local135epmap 354300x8000000000000000258587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.134{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60359-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local135epmap 10341000x8000000000000000258586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.360{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10A9-61E8-8D0A-000000002302}4572C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.360{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.360{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.360{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.360{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.360{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-10A9-61E8-8D0A-000000002302}4572C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.360{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10A9-61E8-8D0A-000000002302}4572C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.364{ED6274ED-10A9-61E8-8D0A-000000002302}4572C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000258578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.345{ED6274ED-10A9-61E8-8B0A-000000002302}3644ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_3le5f2qu.y14.psm1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.345{ED6274ED-10A9-61E8-8B0A-000000002302}3644ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_05sjecps.qja.ps1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 11241100x8000000000000000258576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.298{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_05sjecps.qja.ps12022-01-19 13:22:49.298 10341000x8000000000000000258575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.245{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.214{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.161{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.061{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=0099860BC1AEFDB1ABF9FDFA04AB7565,SHA256=EC7DC246459A4055F243CCA2CEDA174263B2F8EEFE3E5163A8E59FBB4968160E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.061{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=CDEAE543DF37108BB2CDBAA152163FB5,SHA256=2345F398CA1F32FCD336D95A93AE80F29012B30F861DF4FEC73BF13A477A4E83,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.030{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10A9-61E8-8C0A-000000002302}684C:\Windows\system32\conhost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.030{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10A9-61E8-8C0A-000000002302}684C:\Windows\system32\conhost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.030{ED6274ED-10A9-61E8-8C0A-000000002302}6847836C:\Windows\system32\conhost.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.014{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-10A9-61E8-8C0A-000000002302}684C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.014{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-10A9-61E8-8C0A-000000002302}684C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.998{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.998{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.998{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.998{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.998{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.998{ED6274ED-109C-61E8-840A-000000002302}3166804C:\Temp\new\stage2.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+d7f5c(wow64)|C:\Windows\System32\windows.storage.dll+12427f(wow64)|C:\Windows\System32\windows.storage.dll+123f9f(wow64)|C:\Windows\System32\windows.storage.dll+123ce7(wow64)|C:\Windows\System32\windows.storage.dll+124cd5(wow64)|C:\Windows\System32\windows.storage.dll+123b11(wow64)|C:\Windows\System32\windows.storage.dll+125eea(wow64)|C:\Windows\System32\windows.storage.dll+1262f7(wow64)|C:\Windows\System32\windows.storage.dll+125915(wow64)|C:\Windows\System32\shell32.dll+1711b4(wow64)|C:\Windows\System32\shell32.dll+17108e(wow64)|C:\Windows\System32\shell32.dll+1ae43a(wow64)|C:\Windows\System32\shcore.dll+2fffa(wow64) 154100x8000000000000000258559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:49.008{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe10.0.14393.206 (rs1_release.160915-0644)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXE"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMQAwAA==C:\Temp\new\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=65D86C34814C02569E2AD53FD24E7F61,SHA256=8133502266008B77DE7921451E1210B0EF3F0ED2DB7D8D3EE0C3350D856FA6FA,IMPHASH=5E0145CEF36FA9BFBA7DE33AA683B8ED{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe"C:\Temp\new\stage2.exe" 10341000x8000000000000000258558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:48.998{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179263Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:50.366{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=595D972E50690B573456422DCBB9749F,SHA256=E655852B7B6065E2EF65E46CF671D2171580468BA01E77B12861767BFF9505D7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.375{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=0099860BC1AEFDB1ABF9FDFA04AB7565,SHA256=EC7DC246459A4055F243CCA2CEDA174263B2F8EEFE3E5163A8E59FBB4968160E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.295{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-PowerShell_OperationalMD5=8EBF5C86CB1429717082D23C5897F396,SHA256=076080C7201CACD829F9BC4E4E06DB7D674300F0A3F63C7E74731F5CDEC7D652,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.295{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FB201683753020252B50770D2DE138C0,SHA256=115334895E2512950BD38B0D6DBC02BED0C87182F5B0E0F689FB01C5D70DA847,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.028{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10AA-61E8-8E0A-000000002302}5628C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.028{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.028{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.028{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.028{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.028{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10AA-61E8-8E0A-000000002302}5628C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.028{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10AA-61E8-8E0A-000000002302}5628C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:50.029{ED6274ED-10AA-61E8-8E0A-000000002302}5628C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000179265Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:50.170{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53377-false10.0.1.12-8000- 23542300x8000000000000000179264Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:51.382{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B2E7F0CF31EA7ACD8B4AE2C599C9E1CA,SHA256=BDD4E21F4D3E1DF566A5198E998725E517DB0FE8F8C5E7969EF4EA16DACADF97,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.529{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AC93E57631D0930EB29C5ED6BD0293D6,SHA256=C7194BD9B5DEE46DA83DC895CECE0E552EC714A90E03B86B86FA605750412A9C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A9-61E8-8C0A-000000002302}684C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-890A-000000002302}8156C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-880A-000000002302}7644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000258693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CFCE083F59E061844A92D632BEE317BB,SHA256=F86DCDF1BC01FD4F78FCB7BD33197E7467B1DDE4FB9F92AAA6D76C6B04B2D0C8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.260{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000258608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:51.043{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C73BF0B39569D0A19E0EC2BFC5A363EC,SHA256=E6323637F5F5F0AE77A140BE9759702FC3B7361C858EE2F05EE7AF9DFD49D79B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.714{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.714{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.676{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10AC-61E8-920A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.660{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.660{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.660{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.660{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.660{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10AC-61E8-920A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.660{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10AC-61E8-920A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.662{ED6274ED-10AC-61E8-920A-000000002302}1976C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000258762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.594{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.594{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 17141700x8000000000000000258760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-CreatePipe2022-01-19 13:22:52.529{ED6274ED-10AC-61E8-900A-000000002302}7472\PSHost.132870721723502677.7472.DefaultAppDomain.powershellC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 23542300x8000000000000000258759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.498{ED6274ED-10AC-61E8-900A-000000002302}7472ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_hqlfyc5r.xnu.psm1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.498{ED6274ED-10AC-61E8-900A-000000002302}7472ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_1kuayd25.f3q.ps1MD5=D17FE0A3F47BE24A6453E9EF58C94641,SHA256=96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7,IMPHASH=00000000000000000000000000000000falsetrue 11241100x8000000000000000258757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.496{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Temp\2\__PSScriptPolicyTest_1kuayd25.f3q.ps12022-01-19 13:22:52.496 10341000x8000000000000000258756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.476{ED6274ED-10AC-61E8-8F0A-000000002302}11726804C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.460{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.460{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.429{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.376{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10AC-61E8-910A-000000002302}5424C:\Windows\system32\conhost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.376{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10AC-61E8-910A-000000002302}5424C:\Windows\system32\conhost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.361{ED6274ED-10AC-61E8-910A-000000002302}54242628C:\Windows\system32\conhost.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-10AC-61E8-910A-000000002302}5424C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-10AC-61E8-910A-000000002302}5424C:\Windows\system32\conhost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-10A1-61E8-870A-000000002302}51327712C:\Temp\new\stage2.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\wow64.dll+10c0b|C:\Windows\System32\wow64.dll+10499|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6f66c(wow64)|C:\Windows\System32\KERNELBASE.dll+d9278(wow64)|C:\Windows\System32\KERNELBASE.dll+d7f5c(wow64)|C:\Windows\System32\windows.storage.dll+12427f(wow64)|C:\Windows\System32\windows.storage.dll+123f9f(wow64)|C:\Windows\System32\windows.storage.dll+123ce7(wow64)|C:\Windows\System32\windows.storage.dll+124cd5(wow64)|C:\Windows\System32\windows.storage.dll+123b11(wow64)|C:\Windows\System32\windows.storage.dll+125eea(wow64)|C:\Windows\System32\windows.storage.dll+1262f7(wow64)|C:\Windows\System32\windows.storage.dll+125915(wow64)|C:\Windows\System32\shell32.dll+1711b4(wow64)|C:\Windows\System32\shell32.dll+17108e(wow64)|C:\Windows\System32\shell32.dll+1ae43a(wow64)|C:\Windows\System32\shcore.dll+2fffa(wow64) 154100x8000000000000000258741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.350{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe10.0.14393.206 (rs1_release.160915-0644)Windows PowerShellMicrosoft® Windows® Operating SystemMicrosoft CorporationPowerShell.EXE"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMQAwAA==C:\Temp\new\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=65D86C34814C02569E2AD53FD24E7F61,SHA256=8133502266008B77DE7921451E1210B0EF3F0ED2DB7D8D3EE0C3350D856FA6FA,IMPHASH=5E0145CEF36FA9BFBA7DE33AA683B8ED{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe"C:\Temp\new\stage2.exe" 10341000x8000000000000000258740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.345{ED6274ED-C6F3-61E7-1100-000000002302}85596C:\Windows\System32\svchost.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\pcasvc.dll+ac96|c:\windows\system32\pcasvc.dll+aaf6|c:\windows\system32\pcasvc.dll+aab8|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.314{ED6274ED-10A1-61E8-880A-000000002302}7644ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractiveMD5=446DD1CF97EABA21CF14D03AEBC79F27,SHA256=A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.175{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10AC-61E8-8F0A-000000002302}1172C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.160{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.160{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.160{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.160{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.160{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10AC-61E8-8F0A-000000002302}1172C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.160{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10AC-61E8-8F0A-000000002302}1172C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.161{ED6274ED-10AC-61E8-8F0A-000000002302}1172C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000258730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.060{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E13D9463E76C4F07E8D7441774D0C9B8,SHA256=F900D7ABD0175DFE55874CC6D19775EDE8B295E786E29469A0F9A4FF942D781C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179266Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:52.397{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A5707A6FBA803B5C53418A8AB2E71639,SHA256=8933A2EE3366FB0CD7B371D9537767BCD6676C02526F504F4700957CF9202F3C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:53.558{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-PowerShell_OperationalMD5=F8E4A185356B2AC534FFA3F2BA8D813F,SHA256=B42BFDE3642D8C48D69EF7D689A7CAECBEC5C917D1980E4AAF3BCEB840C5D0DD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:53.558{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=16B7F38DCF468BC7E0FB1C5EC6725F9C,SHA256=4EA28851C03E78754A1D6A0016624D28A83AECB0D76776100B3B2F5256856B2A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:53.558{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=3E34E3B9B31FC9F6D2FEE060EF9D214F,SHA256=4BBD28E837FDD1AD0E20A6A8AAC45E36968715CA1C96E709A24B9058D8C4A4DB,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000258774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:52.160{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60361-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179268Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:53.413{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C2552EFA73A4C8E81A894759F81EA51F,SHA256=7D708FB69ABA72AFB2E3D50A5975EAE6D42FD3E95B18018DBCFEA5B083EA4944,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:53.032{ED6274ED-10AC-61E8-920A-000000002302}19767548C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179267Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:53.100{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.654{ED6274ED-10AE-61E8-930A-000000002302}38446240C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.441{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D6BE5110E05E953E746822C2B5995BA4,SHA256=B22EB98D91B206815415088D521F92F2D7EECAE4FDF3DFE223899743CA9C21E4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10AE-61E8-930A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10AE-61E8-930A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10AE-61E8-930A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.373{ED6274ED-10AE-61E8-930A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000258778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:54.257{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D10C0D9B65A77D6CD9F19509AF8051E7,SHA256=55358AF0D04D8FCA41F4E42EAB0BECF2E9EE101F4195F5F1F5FA465AC34781BE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179269Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:54.429{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D53DA0FF6CA082F334B20F870DAC56E4,SHA256=EC6622957E4C6DD962041C7E0643B87DC57409A994401E11B45E3899DF983D4E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179271Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:55.444{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=298E8EBD0303AA78FCADE311F53B7383,SHA256=9D8584B382CD3B363D403D46B4AB74E5206165AC4A11AD6B4C7041675946867E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000258791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:53.469{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60362-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000258790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:53.469{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60362-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 23542300x8000000000000000258789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:55.283{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=24032E9853EB521475CCD94A494BB179,SHA256=CD6384DD059D74FBCAFBBBEE00E49DDC06071E42A75DC4A7D32DCF4396DC93B4,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179270Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:53.015{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53378-false10.0.1.12-8089- 23542300x8000000000000000258912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.423{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A02780183EDD1381BDB8CDF0BF507FAB,SHA256=DB04124BFF270B872CA088353F68547CCE775A50C5BAD71AA79B89809EE7070B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10AC-61E8-910A-000000002302}5424C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A9-61E8-8C0A-000000002302}684C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A9-61E8-8B0A-000000002302}3644C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179272Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:56.460{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DA7BA8E22A1852FC32B9988C82C0A305,SHA256=C8A2C7FF01585C7E6ACDEBEFA2EB9816599CBF43E7F1A5D62735184711E728FF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000258860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4384D16D8E580D0341083DFEC79CCFF3,SHA256=D28B887A0A2FDCF6561804C60CC248DD7F7A37917D1E13ED4503FA1799A3C752,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.291{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000258817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000258792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:56.276{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000258923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.758{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=9DB45E2D1FDEFE5C9B4BBEAEB0AE52FF,SHA256=3E9D8488D117D36722B4E509C5B706ADF9CE56F5B8845FF4825CD7EE382609D5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.494{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10B1-61E8-940A-000000002302}7568C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.494{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.494{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.494{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.494{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.494{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10B1-61E8-940A-000000002302}7568C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.494{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10B1-61E8-940A-000000002302}7568C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.495{ED6274ED-10B1-61E8-940A-000000002302}7568C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000258914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.310{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E1C31F36FFA9DF9D81869B7020D6C922,SHA256=6CA80ACD4B08C2581FA91735F61C1973A2171193DD995D1E4D2DAE6C38B6040B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.247{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179273Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:57.475{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5731DD109B16C45529B2DE120CA87386,SHA256=49AB0E4B72AB4AF6322B4D388EA0F3B762F87C9685042AF9DBB101A4D2BF26F9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:58.519{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=5F8A3055726F7A0FF653A40A2ACAFC73,SHA256=B9A75C2FECF42FFE5C33373343FAFD7E56CBC9D2DB44E95C0A2EB5F491D600A1,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000258926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.306{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60364-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 354300x8000000000000000258925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:57.259{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60363-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000258924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:58.319{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0D7CBC0CA97806B8BD854803DDC6ED59,SHA256=6E2E165AAC57CBD4A6664DD0250BF023B4205C04122573404BE4D164F405950D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179275Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:58.491{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8AB2EF0CA54CC235CE33AFD63EDB4366,SHA256=3B94C49C90F422FE11AE016423996CB811BACB5CC1CAEBD4F6A7819E2DB5D1D4,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179274Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:56.045{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53379-false10.0.1.12-8000- 23542300x8000000000000000179276Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:22:59.507{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9F895089C29E25881DCF848352993501,SHA256=637AC3D737A0DC7840B93B72C201080AD3BE92F5C9EAD46C5873288398BF24B6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:59.833{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:59.749{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:59.717{ED6274ED-10A9-61E8-8B0A-000000002302}3644ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractiveMD5=446DD1CF97EABA21CF14D03AEBC79F27,SHA256=A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:59.333{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9B8A597F9F44EBEE711BE4F587153E8B,SHA256=F90DAA4F7736FB561186410944B4726AE4B4C2E7322B3164A2830CFDCF737321,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179277Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:00.522{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=34E1269C66A6CE89FA70F97E3F94E920,SHA256=C37539F66A98DCDD106B1C94FB9E3A690056630CF0AD29C9D668AB9EBBE2B065,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.937{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.884{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.869{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.853{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.799{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\SYSTEM32\ntdll.dll+a99ac(wow64)|C:\Windows\System32\KERNEL32.DLL+33dd3(wow64)|C:\Windows\System32\KERNEL32.DLL+2b6b1(wow64)|C:\Windows\System32\wer.dll+3efa2(wow64)|C:\Windows\System32\wer.dll+3f373(wow64)|C:\Windows\System32\wer.dll+3fba6(wow64)|C:\Windows\System32\wer.dll+20335(wow64)|C:\Windows\System32\wer.dll+154e1(wow64)|C:\Windows\System32\faultrep.dll+105ec(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.784{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\wer.dll+32eeb(wow64)|C:\Windows\System32\wer.dll+24792(wow64)|C:\Windows\System32\wer.dll+15589(wow64)|C:\Windows\System32\faultrep.dll+104d0(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000259004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.768{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33fe2f(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33d738(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee5e9(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee664(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee6ed(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+28c8c5(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+29305d(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1e12f4(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+28c4f9(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cb18d(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cb022(wow64) 23542300x8000000000000000259003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.715{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-PowerShell_OperationalMD5=8F5F3C3980F58874C2A6B9E3E0B37931,SHA256=D73B56BF6729D135689B9A4A58367BAFE8007B15AFF035F9CBEAF5F089369CE8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.684{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+3404d2(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33c892(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+232f54(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+233565(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+239e56(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cf2f2(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cd856(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cf434(wow64)|C:\Windows\System32\faultrep.dll+15525(wow64)|C:\Windows\System32\faultrep.dll+eeab(wow64)|C:\Windows\System32\faultrep.dll+10365(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64) 23542300x8000000000000000259001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.634{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8627AEA9B5AB416D0A39359A0409A6DC,SHA256=9497CD3227559BDBB99761AD24179607E82D8A26C65CCC2DFBDFB26D951B407F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.618{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.604{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.584{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.584{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000258982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.568{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29867(wow64)|C:\Windows\System32\faultrep.dll+1eee5(wow64)|C:\Windows\System32\faultrep.dll+1eba6(wow64)|C:\Windows\System32\faultrep.dll+1e3aa(wow64)|C:\Windows\System32\faultrep.dll+19f7b(wow64)|C:\Windows\System32\faultrep.dll+ff81(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07 10341000x8000000000000000258981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.568{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29867(wow64)|C:\Windows\System32\faultrep.dll+1eee5(wow64)|C:\Windows\System32\faultrep.dll+1eba6(wow64)|C:\Windows\System32\faultrep.dll+1e3aa(wow64)|C:\Windows\System32\faultrep.dll+19f7b(wow64)|C:\Windows\System32\faultrep.dll+ff81(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07 23542300x8000000000000000258980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.553{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=C0C78B34578C1FF400DE48DE83044048,SHA256=D97ABE4CB817F66390D8A8A2C325434AB221782AEDAB0AE3EC414ED021EF33A2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.537{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\faultrep.dll+26e53(wow64)|C:\Windows\System32\faultrep.dll+1a7c6(wow64)|C:\Windows\System32\faultrep.dll+1a975(wow64)|C:\Windows\System32\faultrep.dll+19f7b(wow64)|C:\Windows\System32\faultrep.dll+ff81(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 13241300x8000000000000000258978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-VerSetValue2022-01-19 13:23:00.537{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{a6b8ec29-9840-2999-f5ad-dc381ec048a4}\Root\InventoryApplicationFile\stage2.exe|a2383a518eddadfa\BinProductVersion10.0.18362.1500 13241300x8000000000000000258977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-CompileTimeClaimSetValue2022-01-19 13:23:00.537{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{a6b8ec29-9840-2999-f5ad-dc381ec048a4}\Root\InventoryApplicationFile\stage2.exe|a2383a518eddadfa\LinkDate01/10/2022 14:39:54 13241300x8000000000000000258976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-PubSetValue2022-01-19 13:23:00.537{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{a6b8ec29-9840-2999-f5ad-dc381ec048a4}\Root\InventoryApplicationFile\stage2.exe|a2383a518eddadfa\Publishermicrosoft corporation 13241300x8000000000000000258975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDB-PathSetValue2022-01-19 13:23:00.537{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe\REGISTRY\A\{a6b8ec29-9840-2999-f5ad-dc381ec048a4}\Root\InventoryApplicationFile\stage2.exe|a2383a518eddadfa\LowerCaseLongPathc:\temp\new\stage2.exe 10341000x8000000000000000258974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.447{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\SYSTEM32\ntdll.dll+a99ac(wow64)|C:\Windows\System32\KERNEL32.DLL+33dd3(wow64)|C:\Windows\System32\KERNEL32.DLL+2b6b1(wow64)|C:\Windows\System32\faultrep.dll+13849(wow64)|C:\Windows\System32\faultrep.dll+e10f(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.446{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.444{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.443{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.443{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.443{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.442{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.442{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.441{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.441{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.441{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.441{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.440{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.439{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\faultrep.dll+26e53(wow64)|C:\Windows\System32\faultrep.dll+11e90(wow64)|C:\Windows\System32\faultrep.dll+dd0a(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.439{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+10f67(wow64)|C:\Windows\System32\faultrep.dll+dc56(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.438{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\System32\faultrep.dll+dbf4(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.437{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.437{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.436{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SysWOW64\WerFault.exe+16ecf|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.436{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SysWOW64\WerFault.exe+16e14|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000258954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.395{ED6274ED-C837-61E7-A600-000000002302}3404372C:\Windows\system32\csrss.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.377{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.377{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.377{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.376{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.375{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.375{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|c:\windows\system32\faultrep.dll+695b|c:\windows\system32\faultrep.dll+6fc1|c:\windows\system32\wersvc.dll+af4c|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000258947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.373{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe10.0.14393.4402 (rs1_release.210426-1725)Windows Problem ReportingMicrosoft® Windows® Operating SystemMicrosoft CorporationWerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 316 -s 1776C:\Windows\system32\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=7BD45584299308DAEA16F2221A464A7F,SHA256=55E74A461777651BE95BBBB93835E69974FE8955631D92A3B7BB97504041D1BB,IMPHASH=CABB1BD9C8861200DB46B24A4934E8E8{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe"C:\Temp\new\stage2.exe" 23542300x8000000000000000258946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.371{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=76D1EF7FB4EC3DA2FBFCAD4CA73C43CF,SHA256=B202E6ACF23EF41CC4C22B2814FCC2F475FBFAEF19A9FBBF3BDF3C1EAD65DDCD,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000258945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.370{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+26327|C:\Windows\system32\lsasrv.dll+2746d|C:\Windows\system32\lsasrv.dll+261a5|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.370{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\lsasrv.dll+260ed|C:\Windows\SYSTEM32\SspiSrv.dll+11a2|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.360{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+aec9|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.359{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+acb9|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.359{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x50C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+88e0|c:\windows\system32\wersvc.dll+857c|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.245{ED6274ED-C6F0-61E7-0A00-000000002302}6326640C:\Windows\system32\services.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\System32\RPCRT4.dll+2be8f|C:\Windows\system32\services.exe+1713f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.221{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000258938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.221{ED6274ED-C6F0-61E7-0A00-000000002302}6322928C:\Windows\system32\services.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|C:\Windows\System32\KERNEL32.DLL+1d37f|C:\Windows\system32\services.exe+307d|C:\Windows\system32\services.exe+6334|C:\Windows\system32\services.exe+dc24|C:\Windows\system32\services.exe+d248|C:\Windows\system32\services.exe+17f9d|C:\Windows\SYSTEM32\ntdll.dll+65b65|C:\Windows\SYSTEM32\ntdll.dll+6586d|C:\Windows\SYSTEM32\ntdll.dll+656d0|C:\Windows\SYSTEM32\ntdll.dll+3a800|C:\Windows\SYSTEM32\ntdll.dll+1ed13|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.217{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+10f0e|C:\Windows\system32\lsasrv.dll+1e908|C:\Windows\system32\lsasrv.dll+1db31|C:\Windows\system32\lsasrv.dll+1c350|C:\Windows\system32\lsasrv.dll+2878b|C:\Windows\SYSTEM32\SspiSrv.dll+1467|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.217{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f86b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.217{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+f71b|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000258934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.217{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\lsasrv.dll+1b8ad|C:\Windows\system32\lsasrv.dll+2878b|C:\Windows\SYSTEM32\SspiSrv.dll+1467|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000258933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.048{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=C0C78B34578C1FF400DE48DE83044048,SHA256=D97ABE4CB817F66390D8A8A2C325434AB221782AEDAB0AE3EC414ED021EF33A2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000258932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:00.048{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=3FD70DECF8E437BF4D599E8CD9602483,SHA256=44D0192D0968E811EF50D372064622BF0579D337B6504F787091F4AE4140715A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179279Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:01.729{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-306MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179278Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:01.524{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=456799BBFB4AAD0E91C53D41F4D2BAFD,SHA256=53ED53A5252B83630268E27FF45798F5C1B018D23C1DCCC951066E7BA4FA87EB,IMPHASH=00000000000000000000000000000000falsetrue 22542200x8000000000000000259142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:59.855{ED6274ED-109C-61E8-840A-000000002302}316cdn.discordapp.com0::ffff:162.159.133.233;::ffff:162.159.134.233;::ffff:162.159.135.233;::ffff:162.159.130.233;::ffff:162.159.129.233;C:\Temp\new\stage2.exe 354300x8000000000000000259141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:22:59.929{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60365-false162.159.133.233-443https 23542300x8000000000000000259140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.437{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4F64C9FADB9607672476E1F3A6F89C14,SHA256=7995AB68840719F580F1818E853D049A88A96B4EFDCE82CBD1AF69F3F5871324,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.369{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=FE400E38CA2F213BA4156670401C15DC,SHA256=FF2D0417BA7846D1B93AFEBE614391E61A323735105DCDBB2E4221FC9F5C3C59,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.369{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=EAACBF712797FA7952357F2775FE8DEE,SHA256=C15FFC79A0C792E99A8D29DF9B21F3CB35FA2C3467689C47234A538DEF188C2A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.333{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EA2A68A32FDA3F8992A30A6BB1AEB049,SHA256=F09C2F422A66B9ED5925D50BE308C4474487C3092CD9103131CE17F115F5E5CE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.333{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=5AFEED47E0AF465C32ABEE93FEA2AEF2,SHA256=426CED03984814CB56930529A80295F2C2AF72C2A4C0A4E664B78A0FF3CCB6D4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10AC-61E8-910A-000000002302}5424C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10AC-61E8-900A-000000002302}7472C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.300{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.084{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.084{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.084{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:01.084{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179281Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:02.743{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-307MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179280Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:02.539{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D805DCD59E946DA4FC19807F67123461,SHA256=62D335F50D876304E93651F02B7FFCCB3D82917F2A2886D59D273E1E17D1115F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:02.389{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A13214A9D4F1599F8F9CA81FD8D385C2,SHA256=96A5BFA8BB86B5C28948DBB92DBFAFEFBC4D70FEA621555163ACF0F3C2D79F9C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179282Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:03.540{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=656B1EF9C4F132425BBDD2ED6520EA2E,SHA256=8FF93B5CAF011F73B3065973B8F3CE70AA078196D35A173C1C3BC2B18AF4EDE8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.856{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=883359EE48C5A5A6B4026CABFC22D6B2,SHA256=BEABB0B8CBAC3D4F26DD48C9B9A1598EE128A5AA219DA1535F50C3B3B125F34E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.788{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.788{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.788{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.788{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.788{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.788{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+1e03a|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.788{ED6274ED-C83C-61E7-B500-000000002302}47006504C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\Explorer.EXE+1f054|C:\Windows\Explorer.EXE+1f000|C:\Windows\Explorer.EXE+1dfec|C:\Windows\Explorer.EXE+1e249|C:\Windows\Explorer.EXE+1df79|C:\Windows\Explorer.EXE+3c407|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.772{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.772{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.772{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.772{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.688{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.657{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000259208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.657{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6120BBC631804B6EF3059240F4F6A963,SHA256=37564DAE1BD69014CCB547E38049E1F98DF0A4712C57122E098570E620DA85A1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.641{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.637{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+54c6|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.588{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\SYSTEM32\ntdll.dll+a99ac(wow64)|C:\Windows\System32\KERNEL32.DLL+33dd3(wow64)|C:\Windows\System32\KERNEL32.DLL+2b6b1(wow64)|C:\Windows\System32\wer.dll+3efa2(wow64)|C:\Windows\System32\wer.dll+3f373(wow64)|C:\Windows\System32\wer.dll+3fba6(wow64)|C:\Windows\System32\wer.dll+20335(wow64)|C:\Windows\System32\wer.dll+154e1(wow64)|C:\Windows\System32\faultrep.dll+105ec(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.572{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\wer.dll+32eeb(wow64)|C:\Windows\System32\wer.dll+24792(wow64)|C:\Windows\System32\wer.dll+15589(wow64)|C:\Windows\System32\faultrep.dll+104d0(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000259203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.557{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33fe2f(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33d738(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee5e9(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee664(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1ee6ed(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+28c8c5(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+29305d(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1e12f4(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+28c4f9(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cb18d(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cb022(wow64) 10341000x8000000000000000259202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.519{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+3404d2(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+33c892(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+232f54(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+233565(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+239e56(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cf2f2(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cd856(wow64)|C:\Windows\SYSTEM32\dbgeng.dll+1cf434(wow64)|C:\Windows\System32\faultrep.dll+15525(wow64)|C:\Windows\System32\faultrep.dll+eeab(wow64)|C:\Windows\System32\faultrep.dll+10365(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64) 10341000x8000000000000000259201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 10341000x8000000000000000259184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29b6d(wow64)|C:\Windows\System32\faultrep.dll+1e723(wow64)|C:\Windows\System32\faultrep.dll+1a0b7(wow64)|C:\Windows\System32\faultrep.dll+10084(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f 23542300x8000000000000000259183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=8AC4E6B8885331FDD8EA4418C2C5242D,SHA256=7C24101DF5BAA1081882AD8CA7659E8D6B202748A00C250F2F288963F941F1A7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+296a4(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29867(wow64)|C:\Windows\System32\faultrep.dll+1eee5(wow64)|C:\Windows\System32\faultrep.dll+1eba6(wow64)|C:\Windows\System32\faultrep.dll+1e3aa(wow64)|C:\Windows\System32\faultrep.dll+19f7b(wow64)|C:\Windows\System32\faultrep.dll+ff81(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07 10341000x8000000000000000259181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+f0c0b(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29697(wow64)|C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll+29867(wow64)|C:\Windows\System32\faultrep.dll+1eee5(wow64)|C:\Windows\System32\faultrep.dll+1eba6(wow64)|C:\Windows\System32\faultrep.dll+1e3aa(wow64)|C:\Windows\System32\faultrep.dll+19f7b(wow64)|C:\Windows\System32\faultrep.dll+ff81(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07 10341000x8000000000000000259180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.503{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\faultrep.dll+26e53(wow64)|C:\Windows\System32\faultrep.dll+1a7c6(wow64)|C:\Windows\System32\faultrep.dll+1a975(wow64)|C:\Windows\System32\faultrep.dll+19f7b(wow64)|C:\Windows\System32\faultrep.dll+ff81(wow64)|C:\Windows\System32\faultrep.dll+e21c(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64) 10341000x8000000000000000259179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\SYSTEM32\ntdll.dll+a99ac(wow64)|C:\Windows\System32\KERNEL32.DLL+33dd3(wow64)|C:\Windows\System32\KERNEL32.DLL+2b6b1(wow64)|C:\Windows\System32\faultrep.dll+13849(wow64)|C:\Windows\System32\faultrep.dll+e10f(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+1132d(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\faultrep.dll+26e53(wow64)|C:\Windows\System32\faultrep.dll+11e90(wow64)|C:\Windows\System32\faultrep.dll+dd0a(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+10f67(wow64)|C:\Windows\System32\faultrep.dll+dc56(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.488{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\System32\faultrep.dll+dbf4(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.472{ED6274ED-C6F3-61E7-1600-000000002302}12167244C:\Windows\system32\svchost.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+235b|c:\windows\system32\themeservice.dll+1ed0|c:\windows\system32\themeservice.dll+2006|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.472{ED6274ED-C6F3-61E7-1600-000000002302}12161260C:\Windows\system32\svchost.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1478C:\Windows\SYSTEM32\ntdll.dll+a6144|c:\windows\system32\themeservice.dll+144a|c:\windows\system32\themeservice.dll+4175|c:\windows\system32\themeservice.dll+3379|c:\windows\system32\themeservice.dll+31a3|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.472{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SysWOW64\WerFault.exe+16ecf|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.472{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|C:\Windows\SysWOW64\WerFault.exe+16e14|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-C837-61E7-A600-000000002302}34043476C:\Windows\system32\csrss.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6cd4|C:\Windows\SYSTEM32\CSRSRV.dll+1a30|C:\Windows\SYSTEM32\CSRSRV.dll+5c09|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000259158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000259153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6f453|c:\windows\system32\faultrep.dll+695b|c:\windows\system32\faultrep.dll+6fc1|c:\windows\system32\wersvc.dll+af4c|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000259152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.450{ED6274ED-10B7-61E8-970A-000000002302}4224C:\Windows\SysWOW64\WerFault.exe10.0.14393.4402 (rs1_release.210426-1725)Windows Problem ReportingMicrosoft® Windows® Operating SystemMicrosoft CorporationWerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5132 -s 1740C:\Windows\system32\ATTACKRANGE\Administrator{ED6274ED-C83A-61E7-93BB-090000000000}0x9bb932HighMD5=7BD45584299308DAEA16F2221A464A7F,SHA256=55E74A461777651BE95BBBB93835E69974FE8955631D92A3B7BB97504041D1BB,IMPHASH=CABB1BD9C8861200DB46B24A4934E8E8{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe"C:\Temp\new\stage2.exe" 10341000x8000000000000000259151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+aec9|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+acb9|c:\windows\system32\wersvc.dll+86c3|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.441{ED6274ED-10B4-61E8-950A-000000002302}56286240C:\Windows\System32\svchost.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x50C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\wersvc.dll+88e0|c:\windows\system32\wersvc.dll+857c|c:\windows\system32\wersvc.dll+589f|c:\windows\system32\wersvc.dll+5508|C:\Windows\SYSTEM32\ntdll.dll+80a34|C:\Windows\SYSTEM32\ntdll.dll+1e8a2|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000259148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.404{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4092BA7AE7C96B3242F95466F8FC2667,SHA256=E4ED9342D59349E1A94BB9C5BE3720D359FD15CC04CC1074D4CD3E81770BCF6C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.388{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\ApplicationMD5=A13CA3FAB0CD93DC69FA17DFC1C8DFBA,SHA256=7E7FCCA935C4D8A4653790F1061D99FA6CCE8BC906EBFF73CF2AF57FEA3CAAF1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.173{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.157{ED6274ED-C6F0-61E7-0B00-000000002302}6403452C:\Windows\system32\lsass.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+5460b|C:\Windows\System32\RPCRT4.dll+52cea|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000259144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.104{ED6274ED-10AC-61E8-900A-000000002302}7472ATTACKRANGE\AdministratorC:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeC:\Users\Administrator\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractiveMD5=446DD1CF97EABA21CF14D03AEBC79F27,SHA256=A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179284Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:01.983{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53380-false10.0.1.12-8000- 23542300x8000000000000000179283Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:04.555{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7313B9C02C754DB35A2A1ADA57556E33,SHA256=6DB2BC27D9E43CE282FD1DF417BD81AD7888E4FF784FE91ED933F1F2F1600700,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.640{ED6274ED-10B7-61E8-970A-000000002302}42245840C:\Windows\SysWOW64\WerFault.exe{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.456{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=0B1B3FBF475C698F5A7FE257D2ED7B0D,SHA256=399914BDD815EBA22D09D1B586B86211EC703D0F580B17EAC9E82F112DCC6AE6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.419{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7A2B0197665A366FF9B55FB9F62D1F4B,SHA256=40DA207A59399FA72D20040F4D1868AA6B8CF92186DB7A7D745BBDBE114DC10E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:04.119{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-PowerShell_OperationalMD5=13541A504B0336CBF7DD53903F45BF9B,SHA256=066FDDE7803018C69D660781FA17101D8BE771B9D8BCA3747346F739F3426C2D,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000259260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.264{ED6274ED-10A1-61E8-870A-000000002302}5132C:\Temp\new\stage2.exeATTACKRANGE\Administratortcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60367-false162.159.133.233-443https 354300x8000000000000000259259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.153{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60366-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000259258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.655{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E9F6B9353E3D5F43D2AC9995365540AC,SHA256=F35AB614799F4A48FBAA3DC7592386261E45B7E348A75267FA658426420DCB50,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179285Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:05.571{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AE7735987CFF90D0EC6075A7CDF143E7,SHA256=5EAFB6C58F8E69D351221AFE75B8675C12D6B0EDCA2484D0C5BCEAE5D6511950,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.335{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.335{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.335{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.334{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.334{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.334{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.334{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.334{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.334{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.319{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.319{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.319{ED6274ED-10B4-61E8-960A-000000002302}33683844C:\Windows\SysWOW64\WerFault.exe{ED6274ED-109C-61E8-840A-000000002302}316C:\Temp\new\stage2.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+2e9e|C:\Windows\System32\wow64.dll+2d80|C:\Windows\System32\wow64.dll+2d08|C:\Windows\System32\wow64.dll+3c0a|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+92e57|C:\Windows\SYSTEM32\ntdll.dll+78145|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecec(wow64)|C:\Windows\System32\KERNELBASE.dll+158cdb(wow64)|C:\Windows\System32\faultrep.dll+11236(wow64)|C:\Windows\System32\faultrep.dll+11365(wow64)|C:\Windows\System32\faultrep.dll+d102(wow64)|C:\Windows\SysWOW64\WerFault.exe+16f07|C:\Windows\SysWOW64\WerFault.exe+6451|C:\Windows\SysWOW64\WerFault.exe+23a2f|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.218{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62725|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.218{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6263e|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.218{ED6274ED-C83C-61E7-B500-000000002302}47001852C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62607|C:\Windows\Explorer.EXE+3c618|C:\Windows\Explorer.EXE+3c4a4|C:\Windows\Explorer.EXE+3c411|C:\Windows\System32\windows.storage.dll+15458f|C:\Windows\System32\windows.storage.dll+15330f|C:\Windows\System32\windows.storage.dll+1562bf|C:\Windows\System32\SHCORE.dll+367a6|C:\Windows\SYSTEM32\ntdll.dll+39d09|C:\Windows\SYSTEM32\ntdll.dll+1e89a|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 22542200x8000000000000000259242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:03.192{ED6274ED-10A1-61E8-870A-000000002302}5132cdn.discordapp.com0::ffff:162.159.133.233;::ffff:162.159.134.233;::ffff:162.159.135.233;::ffff:162.159.130.233;::ffff:162.159.129.233;C:\Temp\new\stage2.exe 10341000x8000000000000000259241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.202{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+6163f|C:\Windows\System32\SHELL32.dll+62db0|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.202{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+47bc0|C:\Windows\System32\SHELL32.dll+62d6c|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.202{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHELL32.dll+61894|C:\Windows\System32\SHELL32.dll+62d40|C:\Windows\System32\TwinUI.dll+12d711|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000259238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:05.202{ED6274ED-C83C-61E7-B500-000000002302}47004864C:\Windows\Explorer.EXE{ED6274ED-10B4-61E8-960A-000000002302}3368C:\Windows\SysWOW64\WerFault.exe0x1410C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\TwinUI.dll+12d549|C:\Windows\System32\TwinUI.dll+12df7f|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000259378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.769{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=45EF5D1160E6DD9DFADD8EFDB5FA4A12,SHA256=CE129C46B4D14F69E96A416A5C9ECCF86E72360319598B71BA78C2A5CA6F734C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.769{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=82847674D393AE6EFFD15AFB590E4706,SHA256=B23D5D0524D4227BD36FD5A1E361D8A88210B983AAFDACD1F131A5471AD63D7C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179286Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:06.587{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3C801DFE9BDFD88A239333217CACE7DA,SHA256=4CBE085D3FD520A0EEB4571457870FDF39E2BE00289C7A331E06DA8245ED6554,IMPHASH=00000000000000000000000000000000falsetrue 13241300x8000000000000000259376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDBSetValue2022-01-19 13:23:06.652{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exeHKU\S-1-5-21-1045181283-1041755688-4012098945-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Temp\new\stage2.exeBinary Data 10341000x8000000000000000259375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=13219A4C537BD7C1EC362D567F824FA3,SHA256=3A8298C82AAEC0D0877ADC2A99F1E10FCD2BD71829C2534229EE2484B3EEFD02,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.317{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:06.302{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:07.784{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2520BD436CCFFE167D83306E9481A448,SHA256=6FE22617E8362F853791DA7EB30F1364A5EEDCEFC2ED89E5FBD768D6C63CC567,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179287Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:07.602{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A62EE7E7A374BE9268FE28FBA972A494,SHA256=BA4CE9D1E27FA686CD807B2BE62006BF46C32A95BF98072CFC9D1A69F2B395C8,IMPHASH=00000000000000000000000000000000falsetrue 13241300x8000000000000000259379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.localInvDBSetValue2022-01-19 13:23:07.347{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exeHKU\S-1-5-21-1045181283-1041755688-4012098945-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\C:\Temp\new\stage2.exeBinary Data 23542300x8000000000000000259381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:08.803{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FB291B5232B89FAF578BAB389289F0F7,SHA256=991E391FA0B1ED37EE841DC26809D585F42BBFAF77F0A0E0736092B2130D53AA,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179289Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:07.094{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53381-false10.0.1.12-8000- 23542300x8000000000000000179288Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:08.618{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A9BD3F60C1975215FDDBA20CE95A6275,SHA256=EB85C8067CA7BE10241714DF93B4625487CDDA8456BD45BD40498D1A6927B90E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:09.818{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2A11E734313B2873F098468DAE9114D9,SHA256=5D9ABA2245ACA00D15FAC91B413468D1F6DADF94FBDCB9A01A859620377982A4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179290Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:09.633{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8EA0E6BBA9B8523AEDA43FAE0F846110,SHA256=045DC39F4B4B8FF0781990E2A256D6E1B4DE09E5FF6DB9977DE42A3E607E79EC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179291Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:10.649{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=02DF167AB0F428FDAF4DDB0AAFB3C215,SHA256=12DF485F7D57B261604A944A000E0D453CED2E4243798B2D20878192D8764451,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:10.832{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=71944B3F7584167C8A475DEB70E38785,SHA256=941A3B87664D5AC8CF4AE02F85E8D1EC4EC6707CDADFED417FEB6EF932875B51,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000259383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:08.215{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60368-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000259502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.855{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4AB30FC3D42FD869FBCCB2DF0B76FB3E,SHA256=A5F93F3745F4D05DCD3CEFFD7F15175577636C30026C12A088FA6A628CEB4EB6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179292Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:11.665{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C603FDB101BA50E3D96FF62A53875332,SHA256=A14A3F29B4F5B6F8655D06FAA34C1842D8EBFB83296129A9357C60140A8C2674,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.433{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=99463B20725A8C233FBADB3D30A2F2A9,SHA256=65AA541CC05BD08A0440E3655F595AEA5026DFDE96520A90B157EDF98C75EE7F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.354{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.353{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.352{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.352{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.352{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.352{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=235255771F028D3AF7E8479B49E95202,SHA256=C1B57FAA0B492022C8CE74FF9A686BA4914CEF9E3A4173C67612014A30BE3F09,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.352{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.351{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.350{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.349{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.348{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:11.070{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=B91F227E25B42F296A6E65E0E9C31D6A,SHA256=C5B0AB3F0567AD009B7433DE21D8F63B4B02DA0F9275E0262FDC61BFB78E9B7D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:12.871{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DB22F916516A8BD2A43A016CB8DE4DAE,SHA256=F62E63726160CD33DDEA862A142E4F6A7CEBB2811F5BAAF24534D35D1E21344D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179293Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:12.680{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1E597CA7A9DD6D64D8DC442A99F84749,SHA256=520D0A3C9D6324D143ED4D11CB4BB8ED9722466E3C20DC27A5B4EC0A367D297F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:13.874{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C21C0803E64E77AD993CF5B37A7B2BB1,SHA256=B24912F67391D4357A2ED780999620F7A55B99EEB854789F8EE836486FB44B0D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179296Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:13.977{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=A9BB8740662F4D8E750ED5EE516054CA,SHA256=15955F4A9D6F90879DBC5578A66E00FFBF0DE0198E66CDB205E2009E202E5BFB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179295Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:13.696{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=803C34D6BF7E391A0A481076B22F7BE3,SHA256=0C40BE6799ECE9BCAFD852E750FBA64D55AD63C11E0DF5EB0A44DB2FD15A403D,IMPHASH=00000000000000000000000000000000falsetrue 13241300x8000000000000000179294Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-SetValue2022-01-19 13:23:13.024{F0653C0F-C6EC-61E7-1500-000000002402}92C:\Windows\system32\svchost.exeHKLM\System\CurrentControlSet\Services\W32Time\Config\LastKnownGoodTimeQWORD (0x01d80d37-0xb5b3c569) 23542300x8000000000000000259505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:14.889{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F5C4EEAC358E5C45479D253E209AE00D,SHA256=78B9C3F6E036113DF6DD9E1F9C144E78D0F593E48D5E755DCF7836BBC8255F69,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179297Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:14.697{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A77E71D4230DD903B9F0E224EA136F45,SHA256=A499DFD18CFCCAF2E86CC880FAFC696748C785B4B79911E95FB1701798F4D01B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179298Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:15.728{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=76B2187AC35BA378732C552EE1D2B21E,SHA256=9661B743440B1EF0EDF75BBA6F89FC65E51C06AE65D7946BB359C2C5C090B514,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:15.903{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2ACAEB7AF46B452C753C1BBDA70D4D5C,SHA256=6E783509957C2519B90059A3F20963E9AF479851B41C41FD03DDD52E82221427,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000259506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:14.238{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60369-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179300Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:16.775{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A3CA9A9700A604B8266B0008B73080C2,SHA256=DEBBD42B9B4CF7A4ADBB511621CF52BC5EA1D005A78C6DA4A7E6EDF379EB62EE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.904{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E31A3902A9FCF823788008B0839103B0,SHA256=EBEEBC82C15E7B161EC6DDC0B5D4B1E7D0FE57D335D202A23D7919BB1391055B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179299Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:12.984{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53382-false10.0.1.12-8000- 23542300x8000000000000000259623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.635{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C2BD4D5CE575F6B78D0F756E872099A7,SHA256=43FBA64F0E35C206110AB20545188E59BCDCDC93B12C7FC4839398931F1C536B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.372{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:16.087{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=18F3866D466DE664C8FCCAD5852554AD,SHA256=125FCD951EB6FD1577C4DBD824436845B8B88D1DF437419CB12CA0B0569D1DA4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179301Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:17.806{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DFC457D5064A839C46820FA91344628A,SHA256=7996E055F69B896D840D0399AF459EDE167909DB2E4C001098EB5CDB10F86305,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:17.918{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=06A2006E54D27FB65A2DA805B9ECA906,SHA256=1C2CA24F9ACE6FA002128F5F1A00DC686C039C3A3A72E2DFCA321A9DF258543E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:18.933{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9C9630B7826E60827BDF581A3CDFFCF0,SHA256=621D43F23B0E9855FE1B06268E338678F0165EF527F16D588FAA3BC2A2AA4359,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179302Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:18.838{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2D051B4796C9E24D1AA51B7AAD944F8E,SHA256=56E0A5B4516DC5E50F3BACDDB0C1206A258DCF06B624DD9EE23BA5C3AC896030,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179303Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:19.931{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A8CC9130A4232458C9C5BD4660A2CCCE,SHA256=AFB67742E8A1379CB4AD6B58E71CD52B5059E4A3D42240F76A42E747DB230A87,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:19.939{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=40CCE7082936E4CE330DEB28EB709603,SHA256=3C8399424FAD4BB49219209B3EC1A1AA81DF6707134E60F614A2CB074580D98C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179304Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:20.963{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E4D5F37C9741FA863C006DA2A162BB45,SHA256=6B714DA6C9C17CA9B35795213ECB55E09826D1D7A15B90D856CBB7A44F457959,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:20.960{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=694129AB7E9F6DB6B24070A3C23ADF5D,SHA256=77A3EF25CDAE2AEE4BF07ABB098F8153366FE609EFEDA87A33C9BA9B8540121E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.962{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E3FC9702A1ED53D3D140C3F3AEBF65A5,SHA256=C1737057433B95F1A967A1D61A7110F43F04C2A53E4F7B37DBFC1B5D4EE5BAE5,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000259755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:20.171{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60370-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000179305Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:18.126{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53383-false10.0.1.12-8000- 13241300x8000000000000000259754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000259753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x01209949) 13241300x8000000000000000259752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2f-0x58c71f1e) 13241300x8000000000000000259751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d37-0xba8b871e) 13241300x8000000000000000259750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d40-0x1c4fef1e) 13241300x8000000000000000259749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeConfidenceDWORD (0x00000006) 13241300x8000000000000000259748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\RunTime\SecureTimeTickCountQWORD (0x00000000-0x01209949) 13241300x8000000000000000259747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeLowQWORD (0x01d80d2f-0x58c7aaec) 13241300x8000000000000000259746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeEstimatedQWORD (0x01d80d37-0xba8c12ec) 13241300x8000000000000000259745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:23:21.815{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exeHKLM\System\CurrentControlSet\Services\W32Time\SecureTimeLimits\SecureTimeHighQWORD (0x01d80d40-0x1c507aec) 23542300x8000000000000000259744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.575{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=98E44FE3AA84EF7A87C918A3C3E2B67C,SHA256=A166C92636E84F9487695570459C29A28622BF1C92B1D725F97B1CF4BD699FB8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.428{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B7BB2EB12881AB199454CBDBFCB6DDD0,SHA256=EBD69C519AD5C4DA71DA8C3B6F212B4B6B74E65DDF8476AFE8C2E26636662211,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.413{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.412{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.411{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.410{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:21.391{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:22.978{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6EF3128A5C96C6F084AC5060A357776E,SHA256=52067C50510D393A02DF33F5913BB67D47CA14C568D3B9DA4EF668508BFA83C8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179333Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-10CA-61E8-2F09-000000002402}1884C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179332Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179331Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179330Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179329Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179328Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179327Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179326Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179325Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179324Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179323Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-10CA-61E8-2F09-000000002402}1884C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179322Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.728{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-10CA-61E8-2F09-000000002402}1884C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179321Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.729{F0653C0F-10CA-61E8-2F09-000000002402}1884C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000179320Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.447{F0653C0F-10CA-61E8-2E09-000000002402}31042932C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179319Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-10CA-61E8-2E09-000000002402}3104C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179318Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179317Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179316Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179315Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179314Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179313Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179312Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179311Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179310Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179309Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-10CA-61E8-2E09-000000002402}3104C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179308Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.228{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-10CA-61E8-2E09-000000002402}3104C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179307Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.229{F0653C0F-10CA-61E8-2E09-000000002402}3104C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179306Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:22.025{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A375A3BB8AE6BBAF94FC5750254D7682,SHA256=466BE4D96DE1337352AAFE291E4774405C0100C3249A876D896B126C11EB4E58,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:22.078{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=2B3055FE3C91D1FA3347053E4083E972,SHA256=211C260251CA7240D302B5EABF21579F38EE6A5500883318BB562D4E51F5C2A9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:23.978{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BA47113E84425F854517C9F4E097BEE8,SHA256=D769749CEE6C967E3DC92C25D3E923496A4F1C3060E7FFF36A1B092FAFC60983,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179349Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-10CB-61E8-3009-000000002402}3168C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179348Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179347Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179346Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179345Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179344Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179343Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179342Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179341Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179340Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179339Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-10CB-61E8-3009-000000002402}3168C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179338Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-10CB-61E8-3009-000000002402}3168C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179337Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.371{F0653C0F-10CB-61E8-3009-000000002402}3168C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179336Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=C7D07BFAD940E777FD95FE3357CD809E,SHA256=33653318A6268177D9970CC23CB72B3F349A9898481C3B254B599CFA60F731D8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179335Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E67ACBE42C0215AF212EC75CAE6F2539,SHA256=5A3F4920D42683D8E3C67B62C73D25E307655B3C8F63668FFA22693819592FCD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179334Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:23.369{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=9A4EC512289697586B9C854A96A70C58,SHA256=E2D5FE9FA37E6AD4B9874AF81AFD6082B4E949FFFDEDF9D47FF01EF82047054C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:23.478{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\datareporting\glean\db\data.safe.binMD5=C1D49ECBDB7AB1F9160AA78696104D22,SHA256=E48C9E354E18F0B7A4C28941D5B42227A2F8369937936608BF7367BC3ACD403B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:24.992{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0E75B54927B6E0BCBCD6183BEE51D334,SHA256=D793CDF3317F232F47E19DA9F467E901C9C632DB307F127CDC601C4E941540A5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179351Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:24.603{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F112EDBDD38A3338FAB3F35C9F92F067,SHA256=E08B1F0617960ABD64EF596BC48E7A001A501879AD4CD750637CEABF7A1F04AA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179350Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:24.572{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=C7D07BFAD940E777FD95FE3357CD809E,SHA256=33653318A6268177D9970CC23CB72B3F349A9898481C3B254B599CFA60F731D8,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179353Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:24.079{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53384-false10.0.1.12-8000- 23542300x8000000000000000179352Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:25.619{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FE9FE3D59CC0B717D2084AF427F75FB7,SHA256=28C9E3F4DDE7080DB9A152DA46A0D45C62681382586F99A1EFBBD3C641A8A3DC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:25.994{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=226D43C6FDD10648E00AD3A1DB3878BB,SHA256=1E077BDB8502CE23810B0A36066A36F633BD66BDB9EDCBAE14325A2C49C5243E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179368Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.931{F0653C0F-10CE-61E8-3109-000000002402}32761484C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179367Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-10CE-61E8-3109-000000002402}3276C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179366Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179365Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179364Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179363Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179362Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179361Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179360Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179359Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179358Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179357Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-10CE-61E8-3109-000000002402}3276C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179356Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.728{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-10CE-61E8-3109-000000002402}3276C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179355Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.729{F0653C0F-10CE-61E8-3109-000000002402}3276C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179354Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:26.635{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A4B7EC0263B911AAF0FF4F4876B2646C,SHA256=E1B5E7913647426D3ECAA45E38C7A549B19019EF3061BD1069FA662638E6B68E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000259879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:25.226{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60371-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000259878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.614{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A102DA410A2875C08C2CE21786FB016B,SHA256=6D64DB8CAEB183810AD864EBC4A970323AEDE79C1FC586FE01F662D28BA3094F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.463{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=149E1B079BE9C3029934432311B7C75B,SHA256=FC03BB41DD126A9D5781439907A2316D8658259ADA093423E49F87061339E139,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.447{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:26.431{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000179397Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-10CF-61E8-3309-000000002402}1060C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179396Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179395Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179394Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179393Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179392Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179391Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179390Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179389Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179388Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179387Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-10CF-61E8-3309-000000002402}1060C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179386Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-10CF-61E8-3309-000000002402}1060C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179385Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.934{F0653C0F-10CF-61E8-3309-000000002402}1060C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179384Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3C1AB98288B34A1241D795D520349F97,SHA256=688E0CA307DB9E1D1FB6AEC37F192934F4ADA98ECFFB1CAD493EEC1788740F09,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179383Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.931{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=8F7E882A01E2ACF194E1B946C6D8901E,SHA256=9B94B534E740D4A9A88105A58CD769604B77A31133302DD30041761C70D99C0B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:27.014{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C5E2CDCCFCE241B3FACAF562714CCA77,SHA256=F52BAB3BA1466C351F56C0EFB62B8C0BEAFA6517F4BC689EAF8AABB27F347D9E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179382Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.541{F0653C0F-10CF-61E8-3209-000000002402}26922016C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179381Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-10CF-61E8-3209-000000002402}2692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179380Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179379Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179378Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179377Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179376Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179375Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-10CF-61E8-3209-000000002402}2692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179374Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179373Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179372Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179371Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-10CF-61E8-3209-000000002402}2692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179370Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.400{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179369Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:27.401{F0653C0F-10CF-61E8-3209-000000002402}2692C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000179398Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:28.119{F0653C0F-10CF-61E8-3309-000000002402}10603260C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000259881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:28.030{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1A85DD32B4556430D7963CA2FA7E12C1,SHA256=D0D5E26802893DB4B8AD4EC66FEE5E121860C8164E851659C3981FF243F3DA7A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179413Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.588{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=209970FA9A686D8F120EDDD9810B0E05,SHA256=79D3E6490740DB547426D223747FB35C3A0FAC3906FD7F82AF41F3E35E0F08F4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:29.629{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=62A6B1CFF8F4D187E8A46125BAA20EF9,SHA256=7C0A57489E5229855D514CF2D6ADC9E55B58C8C0C51CA98D062F5073E97EBD8C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:29.629{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=310F5ED2ABF96B45659DEC353122AFDC,SHA256=16437444EDEE7EB797CA7B019D9B4CBF7C3E91445CAAC2525711D1871DC0EDCE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:29.296{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-306MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:29.045{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0A841368CE35AC4BE530257B543EBE67,SHA256=38A109B79B6E9ECC2134852B85B07F54F843E7E9D46E5B493747AC92E8600E91,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179412Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.072{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=CDD582AF913E316B29A5E489CD2788C6,SHA256=080BC22A7E9C19B871D93D054B0ED0FEB12FD9B6B03C89E208F732DBC9611046,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179411Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-10D1-61E8-3409-000000002402}2368C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179410Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179409Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179408Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179407Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179406Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179405Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179404Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179403Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179402Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179401Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-10D1-61E8-3409-000000002402}2368C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179400Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.025{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-10D1-61E8-3409-000000002402}2368C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179399Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:29.026{F0653C0F-10D1-61E8-3409-000000002402}2368C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179414Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:30.603{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=236CA97A808CE7508060DFD90F79C05D,SHA256=7C9642D460D1A646A63A28F8CDA4E5201C0BD879CDD3A4F09109AF1D6865B503,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:30.293{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-307MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000259886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:30.045{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4C063B92E7719760454C65B71DB45E36,SHA256=21084031072B79090426BC9372ACE0DA119ED166C6D5BDE553CBBB61BC79A99E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179415Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:31.728{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=677F251F828F27EA074EB83F32C9BA27,SHA256=E2C2EF606F92AEFDA61DF469E4F291530D22D2AA31F2D26989F83ABF2DA5D83E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.592{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C14166A4FC71A5D0EBCEB31C02033C9A,SHA256=4EFAF3A9E7F6826D074A6016A4C68FBDDA993791762F656BFA181194E8A44B4A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.510{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.509{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.508{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000259941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000259916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.493{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000259915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B8808CE78F2213BEE764CB9C81748A8E,SHA256=688D6CFB5081CF9F17345994B638C48212F3B132D980920D86D34AD21F43487B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000259914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000259889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000259888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:31.046{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=01FB47C6EFCAFCF4ABB44D87E6269183,SHA256=55D8A76A0F1AD145EA4543674DA740E3F9FC6CA989EB844E6AF106F599F14EB0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179417Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:32.853{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ACEB3E7DD895A10ACDFC0A59BDF46B8F,SHA256=EE501E2DCF74DA762750D75E9BE24CB4928AAE7F51F0BB9A6B6C7855E4CC866B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000260006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:30.310{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60372-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000260005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:32.053{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=99D65C5EF5690A8AFAD88754F0A0DC3B,SHA256=A15FA00E053FA5DCBA479C1B78D31075DDE7BC9902447E9928C5ED59BA3C1FE5,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179416Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:30.047{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53385-false10.0.1.12-8000- 23542300x8000000000000000179418Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:33.884{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4C502AAC8DADF4198E8FEE006B747A91,SHA256=AF29B8E9340A5A7734FCC251B1C9D038C72A733FCD4E8298A107A26256DDDC50,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:33.068{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=22C73EB48B02FF6AA4967F9CC961F689,SHA256=0CDDBA33F7FE8763037F37227DF92F72C31343CEA1598DCD4ECA0C8C2911FB8C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179419Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:34.900{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FAA4D6DB74EB8441F4CC7DA970C151B6,SHA256=84622BCA3034382DD24C952F99C16FADF00635C7D2964BAD675773E085C80BAF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:34.083{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=28C681B2732B3293ED766FC7A7580711,SHA256=CA3C89E755F92896AFF5FBFB8EEC56CB918E0E65D0800B34976145C34AF3561A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179420Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:35.931{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=02A0E14DB9EC81E1904C78FFBD194543,SHA256=4FF3DF2AA49D267C532B28545197F8DAD0BE4C64652B070AEC2A32676C9DFDB6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:35.098{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=726A6B37EC96F17826B26C9E2151627D,SHA256=F9E7E594C55C086D2D357FB72A98A57D4391A69A2967D8237851C8821CE97B5B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179421Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:36.978{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5819F0E48CFF82FD00965DE71B525865,SHA256=6D800E930310D4A853FC18FFD2EE492CE79DE3BE6A55B1BA25605E8C57499FD0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.781{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=45DED8E32C82861278709E850545A7B3,SHA256=80E695E99B45FAF6332D545B58D8934817BC0A17642EBD771BB6EEA578848B70,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.534{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6CE014E15E9083C7D0E6A5D068050FF6,SHA256=243E3CB02B3D6BC4BAB0E4428BB260CA999C80ED47823475BDF5E5366859D744,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.519{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.516{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.516{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.516{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.516{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.516{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.516{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.516{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.515{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.515{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.515{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.515{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.515{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.515{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.514{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.513{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.513{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.513{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.513{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.513{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.116{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=59D7C1861D57A27013B9C547CDDC18A5,SHA256=DF54982A549670130BC6E212481D71774DA07BC5A134018C42FB11BD1D9A770C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:37.136{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8641E3ECEA208FF4A2699530DCA7506F,SHA256=6316451F8B8FCFF0D8A5B7798DA45868AE28278FC4EBB394582B8C1D9E1BCA89,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179422Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:36.002{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53386-false10.0.1.12-8000- 354300x8000000000000000260129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:36.200{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60373-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000260128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:38.164{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E092C7F8ECC6D56CDE391991B16A781F,SHA256=D56C10623FA13CCFDC7ED3C0824EBFD75AC40AD99F1E0729A53BBE4335443595,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179423Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:38.025{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BC46153AEA4C9E87E9691670CAE2B32C,SHA256=43350EA49FC8EAC80077E14B49CFEC8CE96C410D506D7B5967A586665E125074,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:39.213{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E0558658E8E9BC91F7BEC7CEBE019A9A,SHA256=8A251A2BB89F3D773BCCD61C7E27677F7D344CBCC01340A2DE5DC34650334F6A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179424Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:39.056{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7FBE518D86C3455C7236DDBB52E0675E,SHA256=0882F614EA9B7CFABDAA95340B148AFE9A7EB620E1F92A07E67CBD9EA982A723,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:40.230{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=102733185588B6410EB5F716FD053204,SHA256=82AB4ED72CFD788F1B66A31E76B7E3026D5E81EB99B1DDFC991307158619151C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179425Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:40.072{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=56CA8D20616E02DAD11705F4C26D3D82,SHA256=BAF7886453CAE58485CB4E23C06290C067FCFDD6061C97EC0AA7D1798283F3F3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.661{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FBFB299F41028176AAC7C5EB8FF2413F,SHA256=BFA901BF6C377517FCF2240AC81767F0C6603CF0C7CEA50FB7FA47598E591180,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179426Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:41.087{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=51D0B58557E1E112C1109AB87C159274,SHA256=3A622637E137B52687081D0EAE7D560BDB93178D7C6E193EF8483EA02A770BA0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.561{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.546{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.261{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=80E379E3D54178EE1C1D84AAB8F6A35A,SHA256=C88D29D91B11090B99E42A88BE3C861FED8BCF856E940BAE13C22DDD1A2B67E9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:42.276{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7D63437A17C7789DC88E00ED7ADB5A5F,SHA256=08F961DC1F5F1CC06F2719B9616F440498C90408799119B92FDAF4D3C40E4E90,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179427Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:42.103{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4B58FEFBEF1B8CCD4F5F2FB00BFB757C,SHA256=3B3AE61A8871FD4220B12FDE628BB869A30177B05AD0F3B2BED74C4A84F13A88,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:43.292{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=24168EC92B34A4C6665215158A009F3B,SHA256=82DA6C838484DCD5CD8B3BF874F49A7226773D361954658B02EAA846BCE642E6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179429Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:43.119{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CFF26F77C9D16FF157E3003B3336BD1D,SHA256=F0E7B4B77C9B571B9910A4795A6E102B6C78E36656997285C253B73AC5EB601E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000260249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:41.310{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60374-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000179428Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:41.141{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53387-false10.0.1.12-8000- 23542300x8000000000000000260251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:44.310{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EFAA612B58819E108F816F0FEE09E2DB,SHA256=9A637F37D7B6F51F4CA4E9622D68D7D36B720CA1C2C96F45F4C41AB169469B34,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179430Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:44.134{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BC6649903B9E4F53DBA8D20B01FE9C78,SHA256=6300D0FE096A29DBD9B137AA609A1D58F4752A553DF4EA37471DE12E99E84600,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:45.343{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=704419CD4DCA6E8023F2515330EFEB64,SHA256=7C079037BA3E8E3E57F8C6656418A1E5CABAF838A87F7C21082F8C33DC07038E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179431Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:45.150{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=213B8AD75F5CCFA6492C55EF461920E1,SHA256=371D406F1159B57BA787F9A08D57990D0583B38D91D1922F3B33B78719A7FE8E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179432Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:46.166{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D0F4BC08B884D799C2683DBA131F7423,SHA256=CFF0ADD93F79B788B281FB3432DC2F119D4625B675FEA02292DEBD9790A48E40,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.842{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0A5E87157AD9BC2CDA6F6A695CA82900,SHA256=24A31E7262212381C8274422AC9634ECCB27BD64A1CF2805772E9EA22696FC06,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.589{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=68EFBA328086C80747543AE87E18ECBB,SHA256=6714BA1696E984D6A6B58232750DDB054623B62AFA3C82390096AD8E820BB671,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.573{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:46.357{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6C75BAC66995F10786D765A7442DDB0B,SHA256=2C154E35F67774C1AFCED9CCC1819CA38ABBC703E4857692AE9A3BFA0A31E37D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179433Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:47.181{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A5E528246264D5116E8A6F5F409B2C61,SHA256=728FA8297F272118B0C2B475815508B6231CFB7236EA370D3DB411BACB13F22D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:47.373{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E28E93F0562105AB2C754F138C8B5611,SHA256=07F0E6040DF79BF49257A8F50D6B695E264F98591D0C84C5EDF3D202C416CBCA,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:47.210{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+6497|C:\Windows\System32\SHCORE.dll+6387|C:\Windows\System32\SHCORE.dll+62fd|C:\Windows\System32\SHCORE.dll+620a|C:\Windows\System32\SHELL32.dll+55a20|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad 10341000x8000000000000000260371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:47.188{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+1c0e5|C:\Windows\System32\SHELL32.dll+55501|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000260370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:47.188{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF120fc68.TMPMD5=3BFEABEF62EED5634A3D9EC762FF8CF9,SHA256=8CFFE559F97E8DD9937ED59EDD9BA6381AAF578575E36594FEC60085CDEEFEF0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179434Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:48.197{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C8C3466A33EBE296984F26B48A9B3762,SHA256=90E3D774FCB13C156941081CACBD6AAC98F130103258C44EF820BF4DA0BFEE3F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.546{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10E4-61E8-980A-000000002302}7724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.546{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10E4-61E8-980A-000000002302}7724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000260377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.546{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10E4-61E8-980A-000000002302}7724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000260376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.547{ED6274ED-10E4-61E8-980A-000000002302}7724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000260375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:47.222{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60375-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000260374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:48.374{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8C5DCD9C5756BEFFBDFF6C8DA522429A,SHA256=C00F34C2B5E17218B4F4F355F10E311F49FDD0CE97C1B2623F6BD7873D146772,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.842{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10E5-61E8-9A0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.842{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10E5-61E8-9A0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000260400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.842{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.842{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.842{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.842{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.842{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10E5-61E8-9A0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000260395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.843{ED6274ED-10E5-61E8-9A0A-000000002302}5840C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000260394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.559{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D8354FB996102FA9A24CB8DD1ADEB7A6,SHA256=49FDEE0002FB6168A53B7FE524B5F183614AEDC64D72DBF3D70BFCCC76FFD1FD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.557{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=62A6B1CFF8F4D187E8A46125BAA20EF9,SHA256=7C0A57489E5229855D514CF2D6ADC9E55B58C8C0C51CA98D062F5073E97EBD8C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.496{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3C1CDC8934A7681AD5556AA4ADDC77C4,SHA256=CED51BE02FD09BBF3ED5D7B886876F6D625ABFD9D5135447142F8E7262D55972,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179436Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:47.079{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53388-false10.0.1.12-8000- 23542300x8000000000000000179435Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:49.212{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=66675118158A5C8F5F69AB6564355AFE,SHA256=16D00B91B5E21A0B5305C294BC1DF72E3A11006FC3877139A31F2C757D422B00,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.245{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10E5-61E8-990A-000000002302}7656C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.245{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-10E5-61E8-990A-000000002302}7656C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000260389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.230{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10E5-61E8-990A-000000002302}7656C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.230{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.230{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.230{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.230{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000260384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:49.230{ED6274ED-10E5-61E8-990A-000000002302}7656C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000260405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:50.842{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=D8354FB996102FA9A24CB8DD1ADEB7A6,SHA256=49FDEE0002FB6168A53B7FE524B5F183614AEDC64D72DBF3D70BFCCC76FFD1FD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:50.511{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=798474A628B517FAEF4E69A36146DF0A,SHA256=280AC5A8C97EB4FEB528B37C13824188709C74FE4BA88500FC6116217F43CDAB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179437Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:50.259{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0BA983D0DA0E319B6E0A7F20BD6B2E93,SHA256=3D76165AE5CD4F2F782B03C6060A497AB53D3CD90337BEBD68161A1E686A7E6A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:50.157{ED6274ED-10E5-61E8-9A0A-000000002302}58404224C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179438Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:51.337{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BDBF471A48451D0ADA3819306F01BE62,SHA256=097030F88671585CB94359AF704AD83A6DE382176BE3A2CF4C772FC9774504CB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.642{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.626{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.610{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000260433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2D78CB0A281B7F8DF412ABD70C2FDE2F,SHA256=624A8DFEAC2E92B7AFD102CF80C7C6E0FDC28CD360F0DEDB71A068863FC2F773,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.595{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.526{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8B995303D792C835707BE260760B8712,SHA256=7694721DFCCB01DED21C3F78258D3831A0A8C0114E27E7972389E319CB22C8E3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179439Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:52.353{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C198D5BA4B777860102ED602594B0ED3,SHA256=ADA95175E84F0075617E99A92225B977D7AEE53A2A0251F356B44F1BE8FC5D3B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.877{ED6274ED-10E8-61E8-9C0A-000000002302}73243644C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.642{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10E8-61E8-9C0A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.642{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.642{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.642{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.642{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.642{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-10E8-61E8-9C0A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000260534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.642{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10E8-61E8-9C0A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000260533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.643{ED6274ED-10E8-61E8-9C0A-000000002302}7324C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000260532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.526{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7F583EE9ABA8824A019B8DD6FC6CEDDE,SHA256=8E44E737BDD822AB9B111829EDB3D0E1A8522A1CCB426099A0CD2C7A8C1946D1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.257{ED6274ED-10E7-61E8-9B0A-000000002302}63087712C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000260530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:52.026{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=24B6A0ECC9A7F505AC431EE13EF0F22D,SHA256=65C219A574E56F512C82532F7FCB6DF57911AD0EC8BCA2BB374496A11CB608FB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.995{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10E7-61E8-9B0A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.995{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.995{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.995{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-10E7-61E8-9B0A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000260525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.995{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.995{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.995{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10E7-61E8-9B0A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000260522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:51.996{ED6274ED-10E7-61E8-9B0A-000000002302}6308C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179441Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:53.369{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=068036AB1E1B747629B3A1E669D61C13,SHA256=A599D609046A713667DDBEF7784EE716B0732F094063061E1C5CCB38C89DEE44,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:53.578{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DDFB1635B7EE86789B9537960BA0EA3B,SHA256=5E4271569CD54F3237D152B97867B336E0CFA1FE38A66C17B388C644548E3264,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179440Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:53.119{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:53.010{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=6CECBF3C731B1BCFC6F1F38381F82464,SHA256=A69D3065C927AB91841E038D7384FF4C21713DC15FC459517E68B1E2DD6F66E4,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179443Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:52.985{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53389-false10.0.1.12-8000- 23542300x8000000000000000179442Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:54.541{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3C8AD68461F0E5C82CC21398B1C4E9B8,SHA256=396FA3AF56871586CB62CD00364B628EB33C057D74BA7B8FA28A3E1C1CCE9662,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.677{ED6274ED-10EA-61E8-9D0A-000000002302}75287660C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000260554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.594{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=69F534FE063DBE69841437C92AD8C3A2,SHA256=F81F697D0BE25E4046A82667A508195201C7A2639E1146C3D06F60A7B6DE7EF1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.440{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F6FA03997D7F51036AE9052E9369A8FE,SHA256=0ABC2C75C1105FBAAE25BA08F0C88F0CFB816A089FD00C9A4837660E178B247F,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000260552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:53.121{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60376-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000260551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.393{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10EA-61E8-9D0A-000000002302}7528C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.393{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.393{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.393{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.393{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.393{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-10EA-61E8-9D0A-000000002302}7528C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000260545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.393{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10EA-61E8-9D0A-000000002302}7528C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000260544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:54.394{ED6274ED-10EA-61E8-9D0A-000000002302}7528C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000260558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:55.610{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9335272BCD4D8445BA4A4C7B6EC388EB,SHA256=A9B747086F24DA10F5F8B91B159BF6137862774B688C110F32C61FD54A6E638E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179445Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:53.032{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53390-false10.0.1.12-8089- 23542300x8000000000000000179444Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:55.572{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B09CAFE310AAFCFB95E0848975FF18E5,SHA256=03790A621D1F314155B6B37D4A429E869F30D4D6AE08945AAF54C8A4890A6F28,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000260557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:53.490{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60377-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000260556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:53.490{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60377-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 23542300x8000000000000000179446Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:56.634{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F76D97FEEC9A2CAEBF11A305648E4151,SHA256=185C49B26A49D0B61D50CA0E3820249FF40F0017B678A41383FE3642B65AADB1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.674{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.673{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.672{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=37BCA4045B001D6FE1419EF6290E3298,SHA256=BC7063079CE034FA7308129E5137EEF89D2B667B91EF5DB3EB72825ED4CC903F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.656{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:56.625{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=777928B34EAB69316594D508DBEDC3AD,SHA256=C4C53FFF26CEA5A184EE737BC892769FEDD0D1F9CBE231B08724E74ABC85B782,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179447Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:57.650{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AA80F6067771266DA6A4EEB33F0F59D6,SHA256=83CAE9DCCA93738C0C4AA43BAADC8A7A1AEAECB5C2B0D5A0314FE02EF6D61991,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.655{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6EF32E1CBC38D8638046C05CBD0517BE,SHA256=3980E68F4B6D5D9D1EA7DAD58FDE8D3F8C368778F7CDF2DBF9874E96D1385EC0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.508{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-10ED-61E8-9E0A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.508{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.508{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.508{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.508{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.508{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-10ED-61E8-9E0A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000260678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.508{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-10ED-61E8-9E0A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000260677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.509{ED6274ED-10ED-61E8-9E0A-000000002302}7044C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000260676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.255{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.124{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C87A1D8FD0853959BC6CCD1B827B5054,SHA256=BB2A5782BE4BF882421845429422FF37500E0751E02368C5A9C02ED960D912BF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:58.674{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=14B93B9BF33AB4098941EAAB49CDB2FC,SHA256=28617453E67B0F93425047FF5DFD9B58BCB6D268705B7593B3BDAC00285BCB90,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179448Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:58.822{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ACC4CED6BCC568FB21AA39198DEFC86E,SHA256=074AB2951902A9109F9CF80E2F73172863C3A0ACBD85D518A98709BAACC2E020,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000260687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:57.320{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60378-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 23542300x8000000000000000260686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:58.539{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=43D41955CE035C7D1EE66AED3D0AF757,SHA256=6DC550777BAEDE31D91F173B551770A2FDC27C7DB54EBA0715088E2F19F1591B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179449Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:59.947{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DFFDA5CE44910BAB37959A5DFCD718CE,SHA256=CF114EDA82F837DF38A7F53581FDC098A1C16C90A6FEB71F5C1C0D38D3B12D28,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:59.692{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=66D4B91DA58A03F80DC2C1447BA847C5,SHA256=A7A9FCA8C923473275399207D93690A56C7BE94F4649E1F6810C4EC2147A5FE6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:59.408{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179450Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:00.962{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1025BEC83B6EFC9ADB4FD8F5B3F4C66D,SHA256=F1990994FFD54F986ABCE95027D9638D1D98FD3420082AABAE3660006BFC22FA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:00.693{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7C1DB9BF91CA0C1D9FFEEFAFA411D59D,SHA256=0F670921596D40103A6A85EA638AEE1DF7760EBA544CD8D7AF71638815E5DEF9,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000260693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:59.476{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60380-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 354300x8000000000000000260692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:59.476{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60380-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 354300x8000000000000000260691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:23:58.235{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60379-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179452Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:01.994{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3FC7C183D612B77DF991077141186030,SHA256=3759101C2663409447F07FE2017553346EDCE20971AB171AB3EAFA6B6AC8F43E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000179451Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:23:58.125{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53391-false10.0.1.12-8000- 10341000x8000000000000000260806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.755{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.739{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.723{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.723{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.723{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.723{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.723{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.708{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000260721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=51E4C8865F9A2C395C4CBF54010C5A81,SHA256=52B45967778E24660429DA4B3F3053D13FD2E3722EBE6BA951DEFEE7D7AF84BB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:01.692{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000260812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:02.738{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AFBF2C78F39F0ED4103854CFB89482DF,SHA256=3A53497A45B5E849181A65D03EC6ACBB459CC3F02885092FE181FD88F99B6C96,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:02.223{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=15D2C097EF8A17566ACC89EEBC7A0FC6,SHA256=79D5706058C373E417A7ED5440A7961AFC7F4A0CEEA449D00BA53FE925887EDC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:02.207{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0627C7A02A3055E7BFE8B70858241541,SHA256=CF4A905C9E06E3C0E1E3204DF476B23C62A5147E62E5F1CAE3B2211EA9667C24,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:03.753{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=04F4D0F32C3F18EBCCBF062E0DBEB54F,SHA256=70F165CD8CB5D2252E0512D9EE03C0A7C7B9123720FA29E55647CC20497AE275,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179454Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:03.265{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-307MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179453Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:03.009{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FCD7D3439E934458E610B67151921F2F,SHA256=63A6E42DAAE9B0573134495E9581DD503384BBB58BFCE146AB5BE2D6B8B88D8E,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:03.669{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000260815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:04.772{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=40A4341B7116C2A4C807DB8FB91EDC4D,SHA256=A5A01C33526CDABD08021697474093E213EEFBEF64E4D8816712B75F1AC26D0F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179456Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:04.272{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-308MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179455Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:04.115{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5F2C143B2B927C218C696FF951070D79,SHA256=F2F743D0CCAE3119A20D395E591E0615FF5240877AA0A51FC5C18C0934CB20BD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:05.790{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6EA2EEE0DE6A7166D68532C6125818FD,SHA256=1C20C24FC60209D4DA3B99DA6EA56C2EA77F3CF27E3453EF9F0985C00143C593,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179457Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:05.162{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=388E0B1710E3D765039C11194D25DE5D,SHA256=4E4404A806A5C524F751C055A0FD85A45D65D8B63C2FAAAF28504D033FA83AEF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000179459Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:04.074{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53392-false10.0.1.12-8000- 23542300x8000000000000000179458Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:06.194{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1F997C2C698355A522D575F61FDE40F7,SHA256=F9AA2480ABF06AF820EEB9674462D6FCA301860DCC191337434ABB06E024FAAF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000260927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.791{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.775{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.774{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.772{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.771{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.770{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:06.769{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000260817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:04.155{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60381-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000260933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:07.796{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4523EA31DECEC305F7745620E6FF94E1,SHA256=2E259C7D3F2584DF9FA48232D9F7BE72376470618BC6106D5BD6764621268C19,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179460Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:07.272{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=370D832D46FABEDF6E709F416B09A9C2,SHA256=CC9663C19964C44F05DF9E6FA5BB0786A3BBA7FAF294BB9645582729B18176FB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:07.322{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EF3E3D148948714BC53304A814053DA6,SHA256=57537969C97184CC706C0866FBD27CFA4D4880A0A690116EAF2B1A9727D48382,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:08.797{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=22CD507F1549DD7054C3F4697CDF8A0A,SHA256=052249C63C6428C9F4B06015732D6A261AA0EDEBB9E1C92B828843CA41764FC5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179461Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:08.459{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E5C1F960C00AA072562B1B7674519B83,SHA256=148F15EC545EE343DC6C2C4B1B869EDE0B5DEA4ACD8FC5D72D2C4CA51A6011B3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:09.828{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3D62D9DA8D2A4EE5A415528CF9C53CB6,SHA256=045489FA36F2BD2A931FC07E81440F9B5744DCBCBD391DB2DA08CD93339E21EC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179462Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:09.475{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0E3870E6E111677298D2D06A4E19FE7D,SHA256=3868BF5323986533C941FEEBBC1EF7B2E98D67B462CC9C4F57B9F0DD2F944206,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000260936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:10.842{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AB06FB2AA2F7408DD5B750E84D1EEB69,SHA256=B4D7E3AAA5E59D38A833FD95EC301CD8B6073FA2F8A9587210FB87B3EBC1FB5E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179463Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:10.490{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=64BD85F5E7069F1EA28BFEAC6504BBF9,SHA256=8BB788FCF4A3C72E1AE39C9BCBD76B7BF0545A0B2A5B916268DD4073DCE533DB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.957{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=79DB0A93D1EB0A0E43CF930CB06BCA16,SHA256=A29E6B5DDF728727273500C9498BB69A9D5E68DAD3548EDD08774E9EFE7660A5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.941{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=81F244DD7A8BCBE534CD3CC1A370CC17,SHA256=CF8EE7BD425ADC08FF7BF1F846198009ACA27C42314EF2B3C5237341B6BC7F09,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179465Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:10.106{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53393-false10.0.1.12-8000- 23542300x8000000000000000179464Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:11.506{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5F1EA68F74CC6CAF3CE2BF9504FDF052,SHA256=5143CAFF360DD47453EABF53840608B90FBFEA187F72EDDB6D250FC55B209AC9,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000260993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.810{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000260967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000260942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.795{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000260941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:10.161{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60382-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000260940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.695{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\kerberos.DLL+96ef2|C:\Windows\system32\kerberos.DLL+793e4|C:\Windows\system32\kerberos.DLL+1443f|C:\Windows\system32\lsasrv.dll+2f1f1|C:\Windows\system32\lsasrv.dll+2d0d6|C:\Windows\system32\lsasrv.dll+32919|C:\Windows\system32\lsasrv.dll+30267|C:\Windows\system32\lsasrv.dll+2f1f1|C:\Windows\system32\lsasrv.dll+1752d|C:\Windows\SYSTEM32\SspiSrv.dll+1a96|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e 10341000x8000000000000000260939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.695{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.579{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000260937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.574{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000261064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:12.956{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C1795A64A9BB05FF0FB98FBD9B53A102,SHA256=2F0707F8A29ABD862AB70950779C46DF110063E198F0577CED81F9FB4CB5DBEF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179466Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:12.522{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=08CC9D820359BAB03DCE496F26679007,SHA256=255196A9239EEF3AF001EBC76A51117D7F974776F1005CE78331620F80BD743B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000261063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.650{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60384-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000261062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.650{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\System32\svchost.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60384-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000261061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.641{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60383-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000261060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.641{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\System32\svchost.exeNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60383-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local389ldap 23542300x8000000000000000261059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:12.641{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=2AC12E9B570E5EA1B62FEC6FE1279900,SHA256=18C834D8910960DC779A3E51F5BE473EC79789BC908EB5B6FD2D2FF9291A392F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:12.641{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=2C930D6F41B4F4EA7970C83A232FFF5E,SHA256=ACEA0EA4B0F71D58935C04BD6535216944C66413587B4C6C1B869AB4D15BDA8E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:13.974{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D55F77323142894B044134D8F25D635A,SHA256=3C581D49ACBCF49BF3D43A02639C883283E465F67B73202C2F70F06E64A81BF7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179468Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:13.991{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=1902F2CFEC78B3223A1C57D682BD01CB,SHA256=F49F298D8787B14A5040764064523D9FA1AB2BE0661D4AB579CC82DC3AAC829F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179467Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:13.537{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CD66E735408C1DC9F748B603FA37BFD6,SHA256=8DD06AF192ACEE8D96505BF5D4CD57EFE74071AA282325B79426077D62F607C6,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000261066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.767{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60385-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 354300x8000000000000000261065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:11.767{ED6274ED-C6EA-61E7-0100-000000002302}4SystemNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60385-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local445microsoft-ds 23542300x8000000000000000179469Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:14.537{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E8577AC1B2A3BEB3CA16EB2644456C0D,SHA256=DD92DCEB6C24988F76DF82CF8ABFE137DED11C376A6FC9CC1EBC89B56AFDFD48,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:15.994{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2916A66CD0A76B42992F64EE494BBDA3,SHA256=8C32409A075565E45DFE4AD557C7FEC522D6599237F2A0949409EA17FE32C580,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179470Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:15.553{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A5A707CB4527271C7C0831BFAB97A6E7,SHA256=BDBB2299C095D6666C578F96031A7908EDD8FDFE28470AD98DE3F2F0CF4637A3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:14.992{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2CB430251555FA6BF71EA21A8BFA1B21,SHA256=13C40A12FF2A7C34815941526F8A9703B658B3103154DA98BCFE4552C707581D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179471Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:16.569{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AE175F65DF9F82DDA19380C2B297CBEF,SHA256=859A7F1AF372EDF7291366B072170E746022799C5E87DF151B88361448EDF9B2,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000261184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:15.272{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60386-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 10341000x8000000000000000261183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.840{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:16.824{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179472Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:17.584{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4CCAFB78389789176F74887A4DDFB52F,SHA256=5D2070520A15447B0130538E6501FF6475044A9C66C4162FBFB8879F5A4BA969,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:17.055{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=77044162F59EE699FDB5F6C08D7075FE,SHA256=0E8DA65A43C89D017DC0EDAE5458DD4CCD9F19484359AECB57C433808D9D5798,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:17.040{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6363209559DBA067526F4A17174FE3A9,SHA256=30B9981A85333F337A395CCE7482C410A07793A3A4FA261146BBDBF1E1D4F6F8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179474Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:18.600{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CA9867077DF0D1D3F2595F5F301C679B,SHA256=A170105997BF83A9DEC707DE0A2C9E425CC4E4572C0C27CFCACF763DAA437ADC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:18.046{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=459048AA80B725F12109D892BACD90EB,SHA256=33458312C52B4EAA6419755DE561C2FA635A381733A67ADF49B11F729DEC0614,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179473Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:15.981{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53394-false10.0.1.12-8000- 23542300x8000000000000000179475Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:19.615{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A7E24519579D2921EF145392559068D0,SHA256=5DFECA3B6BAB0D1FC2E39A1F2997344EC013CD9B1ACDA17432E1D7B4FAC8B6C3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:19.066{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FC42D42C3240D96F13D8CCAB30F69BD6,SHA256=D0946A70FCB9EFFBCF5C88E7E5CEEECA92BEAAA246F8F5847033B2B7BF36D5B3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179476Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:20.631{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F0C08B6081BB74B6C2CA7CAFCFE9479B,SHA256=054D7BBFFE5AFF5A607D1DDE8F7E547A1A4821C61D685839E3449F69542414D4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:20.083{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0E417B35579840FDC9CECD03F3D44714,SHA256=64B86417650032D2C8FA044477B54E430C3A4B4FA063D9F962D17061EBD786EF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179477Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:21.647{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0FEBC933B7FE0A896B0839D807C935ED,SHA256=38F507DCAAF316F2D25BFA9DB5ACBF49C54C41CA4A4A77A4E561C437EDEEF910,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.884{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.883{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.882{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.881{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.881{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.881{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.881{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.880{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.879{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.863{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.848{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000261190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.133{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=DE8FFD8F0D99916E666AD92C152A2788,SHA256=2E710A323310C55BB95A468848F8047B6FE640E482E0D38E35751AC89C4C971A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179505Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1106-61E8-3609-000000002402}3756C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179504Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179503Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179502Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179501Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179500Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179499Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179498Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179497Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179496Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179495Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1106-61E8-3609-000000002402}3756C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179494Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.756{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1106-61E8-3609-000000002402}3756C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179493Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.757{F0653C0F-1106-61E8-3609-000000002402}3756C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179492Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.662{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9E87865F6F0A948DAE37518D66D0E63E,SHA256=E1B31F7A1049407C052164DAC01235E00E9A615F9B2DA139D604020C13D38338,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000261308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:21.198{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60387-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000261307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:22.186{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D1C51BD9B76D16E4608851C590319F54,SHA256=758A7B775E3B4FA38B428620448A1AF178EF22B5248BCA0A98B50A6DE7AE2A84,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:22.186{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=405D5FFF018C7CFFA88A6DCE6582B7CB,SHA256=32CBFE29A32A95E47540DE35150064E3300E97D5AF8C54D6159A402EFB15A431,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179491Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.569{F0653C0F-1106-61E8-3509-000000002402}25243500C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179490Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1106-61E8-3509-000000002402}2524C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179489Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179488Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179487Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179486Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179485Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179484Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179483Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179482Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179481Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179480Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1106-61E8-3509-000000002402}2524C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179479Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.241{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1106-61E8-3509-000000002402}2524C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179478Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:22.242{F0653C0F-1106-61E8-3509-000000002402}2524C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000261305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:22.081{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.datMD5=33E0EA89072C9D884E414ACA18E1DC85,SHA256=2BB3DCD905C272EA14EDB9824050E4FF85FB9F2D84CF22522E333C91F4B9CBDC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179521Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.803{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=797707BB22DB7A3EF587DF8C43966981,SHA256=421535B90560E8E426E3DAE2CEBF5F375B86623DA7488B8DC09D635DD5989377,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:23.447{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=73A4D1EEEE37DC16ED52B5EC2E903E09,SHA256=0A0DAD4B0753D912BBB4E78C79C948E45AFFF276CAD9A4ECEC8EF829E4E357DE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:23.447{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=2AC12E9B570E5EA1B62FEC6FE1279900,SHA256=18C834D8910960DC779A3E51F5BE473EC79789BC908EB5B6FD2D2FF9291A392F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:23.200{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1DBB0BA12CFC33C97328E6C83B9C1A5E,SHA256=C3CF0402954B8D69B8E773248A92E7CD254FC8F17C5DA896B765A6D2D9A027F8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179520Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1107-61E8-3709-000000002402}2432C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179519Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179518Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179517Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179516Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179515Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179514Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179513Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179512Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179511Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179510Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-1107-61E8-3709-000000002402}2432C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179509Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.428{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1107-61E8-3709-000000002402}2432C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179508Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.429{F0653C0F-1107-61E8-3709-000000002402}2432C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179507Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.319{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=77A5BC23AE294876EDE2D93B132844FF,SHA256=C81800E8D6762B9CD9840F5445716E4D7B638756CA49C32CF6FA70707B63FA26,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179506Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:23.319{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=34CD4FA78E0A2A68416F8F68F3642174,SHA256=EF90B589923CBB8BCD73C435E8BDD0B42FC2D43C69498DE82266661FACFD269E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179524Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:24.819{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AFBDE522B87E8A9EB9421768E9ECFEFF,SHA256=504EF4C526CB038320A31D1C0873B023F66136E34AD70835BF0F83A56A5202C6,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000261314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:23.527{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60388-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local135epmap 354300x8000000000000000261313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:23.527{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60388-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local135epmap 23542300x8000000000000000261312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.230{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BDE0FC367CEFE85C847AC0F56C82E121,SHA256=CFD85F9819DAEA9C54147048FD27F9D0E038359C3FC1842966EBFCD63979B91A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179523Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:24.475{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=77A5BC23AE294876EDE2D93B132844FF,SHA256=C81800E8D6762B9CD9840F5445716E4D7B638756CA49C32CF6FA70707B63FA26,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179522Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:21.106{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53395-false10.0.1.12-8000- 23542300x8000000000000000179525Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:25.850{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3196E777076E368AC75FA36D9B09497D,SHA256=480437444E4073465C02781878A0554122CAB4958063DE49BCFB0B075AAC5A41,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:25.319{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=73A4D1EEEE37DC16ED52B5EC2E903E09,SHA256=0A0DAD4B0753D912BBB4E78C79C948E45AFFF276CAD9A4ECEC8EF829E4E357DE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:25.234{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5515EF0E351B135FE388B7DBAA5D6B9D,SHA256=224346106FFF2BC2ABAAFE990709D31BA2B802B0D3CCEA405E5C87441B9F7E44,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179540Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.944{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=43A18483ACA5FA77CDD069D42C68D1E4,SHA256=D785D9B82AC3AD4DA7EF5AF1957D7A2DD11688385CE126A3739EC4DEA16D912B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.979{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FD0E521540794879C509EC9FD2298F11,SHA256=F947EF1143EDEADF52E5632E31237A101DAF60A18F2A7E01EE25E3F054F2B577,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000179539Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.912{F0653C0F-110A-61E8-3809-000000002402}3592520C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179538Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-110A-61E8-3809-000000002402}3592C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179537Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179536Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179535Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179534Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179533Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179532Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179531Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179530Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179529Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-110A-61E8-3809-000000002402}3592C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179528Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179527Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.740{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-110A-61E8-3809-000000002402}3592C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179526Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:26.741{F0653C0F-110A-61E8-3809-000000002402}3592C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000261468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.917{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000261414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D5D0E4380F7549256C599B271C4F579F,SHA256=C78F5532ADD25DBA00BFD178903EB09CDD6B8244EABFE73E8ED1B029073F6725,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.901{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.899{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.898{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.897{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.896{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.895{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000261358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:26.299{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A787ACD91320DBFBC5C0BD7024777D6A,SHA256=CB88EBD644371F72593BC0EC2535861BCD1E90028E998ABD3D30056F19DA2F1C,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000261357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.436{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local52044- 354300x8000000000000000261356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.435{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64464- 354300x8000000000000000261355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.434{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64223- 354300x8000000000000000261354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.434{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50799- 354300x8000000000000000261353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.433{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local63178- 354300x8000000000000000261352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.432{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local56159- 354300x8000000000000000261351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.431{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local63108- 354300x8000000000000000261350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.430{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53109- 354300x8000000000000000261349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.429{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local62351- 354300x8000000000000000261348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.428{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64069- 354300x8000000000000000261347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.427{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local55729- 354300x8000000000000000261346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.426{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local54296- 354300x8000000000000000261345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.424{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local65262- 354300x8000000000000000261344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.422{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local65145- 354300x8000000000000000261343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.420{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local62968- 354300x8000000000000000261342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.417{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local63402- 354300x8000000000000000261341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.416{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local63767- 354300x8000000000000000261340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.410{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local56524- 354300x8000000000000000261339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.403{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51277- 354300x8000000000000000261338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.402{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64228- 354300x8000000000000000261337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.398{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51673- 354300x8000000000000000261336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.395{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local56037- 354300x8000000000000000261335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.390{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local52732- 354300x8000000000000000261334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.389{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local63743- 354300x8000000000000000261333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.387{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local51150- 354300x8000000000000000261332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.386{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52022- 354300x8000000000000000261331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.384{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local54090- 354300x8000000000000000261330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.383{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local50730- 354300x8000000000000000261329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.383{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52886- 354300x8000000000000000261328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.382{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local50401- 354300x8000000000000000261327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.380{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local61739- 354300x8000000000000000261326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.378{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local64246- 354300x8000000000000000261325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.377{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local64928- 354300x8000000000000000261324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.375{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local61739- 354300x8000000000000000261323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.375{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local54268- 354300x8000000000000000261322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.374{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local62319- 354300x8000000000000000261321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.374{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMudptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local62319-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domain 354300x8000000000000000261320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.373{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52261- 354300x8000000000000000261319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.373{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMudptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local52261-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domain 354300x8000000000000000261318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.363{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60389-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local49666- 354300x8000000000000000261317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:24.363{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60389-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local49666- 10341000x8000000000000000179569Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-110B-61E8-3A09-000000002402}956C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179568Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179567Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179566Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179565Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179564Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179563Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179562Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179561Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179560Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-110B-61E8-3A09-000000002402}956C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179559Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179558Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.990{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-110B-61E8-3A09-000000002402}956C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179557Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.992{F0653C0F-110B-61E8-3A09-000000002402}956C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179556Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.944{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=067317BD86EE2468C2D8F1289AE6D6BE,SHA256=26252764CB7E64E5C4940D9F8C717B6F0F7B91510B4E468E94C2FC117BCB08D7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:27.317{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8952754E94C352865BDC5B1C99FF9A1,SHA256=7ED1413A46E2C8F294BF3FA9EC8BA27DBF69893E8D354D1071DB048F0E5D7985,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179555Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.740{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=7CC81AEFF9CEB3FDC66BD15A6C49A6F9,SHA256=C8FBDD9C29B403E5181F873C8A9EF0AB1E0CB6C47963DDFC512157A2A693A809,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179554Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.600{F0653C0F-110B-61E8-3909-000000002402}29563796C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179553Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-110B-61E8-3909-000000002402}2956C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179552Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179551Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179550Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179549Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179548Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179547Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179546Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179545Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179544Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-110B-61E8-3909-000000002402}2956C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179543Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179542Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.412{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-110B-61E8-3909-000000002402}2956C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179541Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.413{F0653C0F-110B-61E8-3909-000000002402}2956C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179572Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:28.975{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=52FA60BDB9DB0A31A5E48D04BE764A0A,SHA256=630F55E34B6B3519CFD33A747D945005A057C4B7AFCD6550F1B069DDFB30780F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:28.416{ED6274ED-C6F2-61E7-0D00-000000002302}9002672C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:28.416{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000261476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:28.331{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AC1913D631FBAF8D1C65C57802889725,SHA256=2A59BED8D36A1AB1E515D57F1BB9A63AA64FD873DAFB36D4DEFDA9974487726E,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179571Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:27.012{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53396-false10.0.1.12-8000- 10341000x8000000000000000179570Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:28.131{F0653C0F-110B-61E8-3A09-000000002402}9562936C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000261480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:29.346{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FA840F13DE0BE04B4F296D24DECA0EDD,SHA256=0727727C6D278D9752362826316CA8983AB0AF896270FE91D2657A4AB6B96E50,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179586Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.069{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=67EF6861FE6B6457251732541DEA2923,SHA256=561EC33A366EFAB48DB25D4C0F83E78658F6711298FF3041B53904791B6A99B7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179585Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-110D-61E8-3B09-000000002402}2840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179584Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179583Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179582Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179581Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179580Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179579Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179578Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179577Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179576Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179575Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-110D-61E8-3B09-000000002402}2840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179574Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-110D-61E8-3B09-000000002402}2840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179573Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:29.022{F0653C0F-110D-61E8-3B09-000000002402}2840C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000261479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:27.097{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60390-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000261482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:30.849{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-307MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:30.376{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9A5AD6BDF3744DDE7336D2302A667652,SHA256=47BB465049FE52EFE08934C0A7A2B213E9F592B6BEE31FD0B8B344D47DE36485,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179587Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:30.115{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=612F92ABB9BBFA18139567B5F8C932DF,SHA256=996C2EE7545FC53B98FEF999D1B3276E94ED6F5BB8A3EF6B6D2CC5DD1FADF203,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179588Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:31.240{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7BFF57C814B0F8D67CBCAC38B1205E6B,SHA256=F7578477B4A844BE0E83DAFE61AD875A37E83E2282EA77A7B9E9568A991A0FFC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=135AC711C78045F0A0D736B77A6A8C4C,SHA256=4E7793974669691DAD21E7CC375036FE70F9B907F1A7F204D179ED8F5492108D,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.944{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.929{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000261484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.861{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-308MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:31.398{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D52DAE250662F207EE3AE7395FE92BAF,SHA256=2A85610C4F7DF2D3FC1172895C8048939A34CFA54DA86F60DA0ECCD4A498B306,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179589Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:32.256{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2BEB8924996E6CFD6AAB58D802ED9CC6,SHA256=8B3F436A47428A82ADBCA58C73BE507F2F55C3E9C8687278C9A1D6E402140FF8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:32.405{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CED3C8E3713F2520ACD0837EC3481413,SHA256=64B871D1553D40FDC72A4F2BF491B1CA61A5B270048EEB7514047080A362B5CE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:32.113{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=574C86EACC437A0A8A5A00AAF945AA92,SHA256=25D91FA7EA4A82F27A01D2385DA2196DC87EFD7E2360DEB2CEAA7407571A8CE4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179590Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:33.287{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F63940D7580DFEBBAD004054FC3601CA,SHA256=0206772511A95726B93161708B574FCA328C2D33FCE4D4D0CAE9A1701DB4AFD6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:33.420{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E2E9D38A5A2A1F0F2DAC730D8DE5956E,SHA256=FC48C37357A75CD1983F424D3659A8B0A83CEEFCBF22BAB716AC8AF912288445,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:34.442{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=84568A1ED4488FC2967532642FC7754B,SHA256=64F11DEA562691D4BA8CB72D9D41368221525D53AB02C1AC9A44FD3D4F959E54,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179592Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:34.397{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=96E868674DA15DDF43B1B2E2C88205E5,SHA256=AB74E7C2A76C102487C0805CFB915B016A5FE362086ED94331E7D7B1600A020D,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179591Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:32.074{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53397-false10.0.1.12-8000- 354300x8000000000000000261603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:32.193{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60391-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000261605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:35.443{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=599AE0E76916BBE53195D49111D47C65,SHA256=6216F21D5126117C78BF579D514A186D3BF8307F656DE66862CED9F47FF2E6DD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179593Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:35.443{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=412FA4805FB59C290FE6F9DE086A575D,SHA256=156BBEDF4438C119FF612F98CEFBA7D7A19A58A9E927B68A27D44E8A77212151,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179594Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:36.475{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6B7CBE83D51EC7FB67AACE6B2F15107E,SHA256=EAE734DFD32DB6E097047F574238884FA068563ABFC1ABD7FFF25EC7B4786E55,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.977{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.976{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000261695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=464A400360FC02C895C6EA4070AA6B40,SHA256=9EFC91A8410D261828C7CF66CA30836DB7829F470B9586333988EEDE1D3C9A00,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.975{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.974{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.973{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.957{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000261606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:36.457{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7268E869E3F5372FD257A7A5084EDCF8,SHA256=396C08FE264DBF5B9FD34522113031EA2297F94DBBE2A49AFC959229C9196FF5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179595Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:37.506{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D36713B797861C52201991C0A40B4EDA,SHA256=B0A183193F79B6C16E07A5593F8C351CAE2EEA55661EFC0AD6612AFE5786ED9E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.478{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1E22458F9BD13A161E3E5326B1DE56D9,SHA256=1A937982C11926850395043C731A9774427BBF498D7EBEBDB64C03FF5A6C9B92,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.074{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F721BE6627BCF188E42CF30383471F6C,SHA256=BA33FFBC02B7EA3E7BAB695B5B81A7D7FDBB2D455DD92A3252673064EFA8A0E3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000261770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=532B0031F36CA7B0CC829455099F3F7F,SHA256=C3ED2476F84F06C79AF951D51FD2F2E5A1BC2407F23343E10C28A6C1AB3A84F6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+c72a|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000261722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.041{ED6274ED-C6F2-61E7-0D00-000000002302}900920C:\Windows\system32\svchost.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+c604|c:\windows\system32\rpcss.dll+dade|c:\windows\system32\rpcss.dll+a6fb|c:\windows\system32\rpcss.dll+43a31|c:\windows\system32\rpcss.dll+43b62|c:\windows\system32\rpcss.dll+43e9f|C:\Windows\system32\svchost.exe+1380|C:\Windows\System32\sechost.dll+14412|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179596Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:38.600{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C0AF5D93C9D1AADE63A5A4520754BE24,SHA256=76FFA8244B867D1360B101D1DF762450D86352AFE3090570759FC45E40464290,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:38.493{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CF42C0AACDC6E8013F4384AEFF0276B0,SHA256=C8628933D6648A07B2C66EE9A1AB752802D2BB616F2D88F8FE514FB9D7C7F262,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179597Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:39.615{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C4D1D0F4C7067C56C75CEA00CA08B115,SHA256=9657FE5B3A8BCBC73B4C8D3D089A69E6455260363F3A66DAE4078CE09088F723,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:39.508{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=97625CED459334F01AB771B4CC902243,SHA256=D4799B421D180520DE1CB1EF4EB9DDAE150FFD4722EB64FAE468CA00A9743F61,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000261778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:37.323{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60392-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179599Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:40.725{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=77F86E41E9D5F4CBE67A81DB7EF16BFF,SHA256=6E47EE75A0584464E8DC74219C0EC2D0E800AC4A93E38C023FF25FEBFDD4AC3D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:40.538{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=75A8AD43454D5DC7F241F8B4BA720ABA,SHA256=38FAE9D0496EB7C153D550D1A993500AD23A3C6F197A419BA663E19369D86DCE,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179598Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:37.981{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53398-false10.0.1.12-8000- 23542300x8000000000000000179600Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:41.756{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AF2E6F359DAE2775FBE56226C8570423,SHA256=9AEE67913A0B1AABF7F988EE61A225F0D2F28A7A87611F3878EF67DDF95A616C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.990{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000261781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:41.552{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D212F28D7AE1C7BBFCC8CEF711237239,SHA256=E53D6836570E585C3075F9400D90470C8A501689E8F2EA37251C717F5822767B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179601Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:42.772{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9897E9D89660824230A4E57450148DAD,SHA256=4E9298E2321CB650CFA2F7EE7C62DE9505083C65B621C0E863B97020DBE8E7F1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.590{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EF985DB7506676FF0CC4D135EF0DF55F,SHA256=5DAD606783475F1242B7E7CCE3E5FD67C86A82392BD64BBF5A5E0EF61376752F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.152{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0CD59472AF86A053C1814472FC7F9AAD,SHA256=38BD62BEA927417382F7B0F54489286597B88674533230F744DE59B34D2ACBEF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.052{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.037{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.021{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000261830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=874F8F7103C707E0B606B12A34ED6891,SHA256=4E8E33A89C1311F54704E462A6070368B3B5DF9EFB06A97E74AB6FC7F2B213BF,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:42.005{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000179602Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:43.865{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=37A0DFD4A38C66F8CFC4FBD41D931C0D,SHA256=5D7ECBC4EDB0A52112F5F695F8E4C6AB478188B10F4DDD642B5836A802389083,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:43.596{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=76F747C54D1759BCE7A951C103CBEAA4,SHA256=670F4FDCB3FA99FA7751E1601AB5BB61F8129BC96AA6AD0AECE6B9D668C4C387,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179603Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:44.928{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A7C6E94938ADE85B89DA80E41E3B963A,SHA256=B51BCC91BF270DA89CD0A955115FA2B160F9638FB9A31E669E21DC8DBD41FC0B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:44.596{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A04064947961BBF4B30218166C11C224,SHA256=947936EF216109C021E7F425B8176E460A33DD420422B3183A3E28EBF24B6A22,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179605Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:45.959{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A4542C905FB39C9C42D0BD7DB0C149CA,SHA256=93186E1A498D6F3FCEDC5B5403313353939C9F964D71457B3E642D4610C21CF9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:45.610{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6E776D93564D683BFA040ADC43634C61,SHA256=2B47B36A7EAECA46237D235A7E88F60E4D7825D2F6C2190EB8A1510117B348AD,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179604Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:43.121{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53399-false10.0.1.12-8000- 354300x8000000000000000261901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:43.220{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60393-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179606Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:46.990{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D58FB1AE6829956624024CF7AC92DA73,SHA256=1AEA6BF379B36593E0052B9ED208A9402A3EA8AAC0E5067F810B87C8A04483C3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000261903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:46.626{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B2C186BF4BCAAD0279EDE08A5B67EFF2,SHA256=C91E3E782B6CC00B5CF8548DEFC7D1E7356630608F6842C6FAE6A6E6E92EF1D7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.656{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5A79EE8D38AA221BC5960A9DF3564837,SHA256=BFD758D9B547A64A7D04896991A51242EE34959F3C4B37F641402624B3B084A8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.140{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F3AAB3ED634F72D6B839390B8A405113,SHA256=4EF904B82C241B300CC0B96CD188527A66B0C2A9AD393E207DD33605D0ADD4E4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.078{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.077{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.076{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.075{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.074{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.074{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000261956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.074{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.074{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.074{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000261948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BB7B10AFC02170172ABB34EF2B5DEB2F,SHA256=10B68849DBA7AAB1538820152193A8370EE99DEA85CFD33C6422A8973BA8578B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000261947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.073{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.072{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.072{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.072{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.072{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.072{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.072{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000261929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000261904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:47.056{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.781{ED6274ED-1120-61E8-9F0A-000000002302}54207012C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.676{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=84806B8871E52BBBCCAF494A25CB15AE,SHA256=96E575476D97DC4C68333F7D36E2947E65B340DC52104C9F8934E3638250C86A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179607Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:48.037{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=24B426C02A907E02F850AFFD0A79745A,SHA256=0433BF1CDC4D38DE396A05E74675DA1A2F19FFFB670E93387F27CD5802D061C2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.555{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1120-61E8-9F0A-000000002302}5420C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.555{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.555{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.555{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.555{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.555{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-1120-61E8-9F0A-000000002302}5420C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000262022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.555{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1120-61E8-9F0A-000000002302}5420C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000262021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:48.556{ED6274ED-1120-61E8-9F0A-000000002302}5420C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000262049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.906{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1121-61E8-A10A-000000002302}8188C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.891{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1121-61E8-A10A-000000002302}8188C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000262047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.891{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.891{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.891{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.891{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1121-61E8-A10A-000000002302}8188C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.891{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000262042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.891{ED6274ED-1121-61E8-A10A-000000002302}8188C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000262041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.707{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=00F8D5136F1468F3B271DB46D3EC23B0,SHA256=5E474BA3A28A1521E1AAB9349DC645473EA77BBC955E81A822D0611D9433ED89,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179608Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:49.037{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CC3665CF7EE02C9484E8B6C962C11E7C,SHA256=06FC615307275A0267A34A53A601FE8D1FB1D0FFF115952E58166D8169A60787,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.560{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=7DDBFE5860CB24AF22603D93338AF63A,SHA256=8791D6280C7414939FD93D512A040753F25372228FFF823082E9570091448416,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.560{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=CF3AA1DE4D3A757C8F306F46B6E03E90,SHA256=0150BD480C68F0EB5FB354927B28532AE535F4A393DCB1F3AFBDDE1F4FC5D6A1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.223{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1121-61E8-A00A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.223{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.223{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.223{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.223{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.223{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-1121-61E8-A00A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000262032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.223{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1121-61E8-A00A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000262031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.224{ED6274ED-1121-61E8-A00A-000000002302}3844C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000262052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:50.906{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=7DDBFE5860CB24AF22603D93338AF63A,SHA256=8791D6280C7414939FD93D512A040753F25372228FFF823082E9570091448416,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:50.738{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D6B4F1D54B50F3D6163842E510E00275,SHA256=B887D399E9CB34A683625AE2FB4C66B34B16EAB0D1D5AE1C647CFA6A7574ECAE,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179609Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:50.053{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=40DA32E796E93CC58308C871DB4B50AD,SHA256=ACE58C2FEA0499F115C27ABBD0493DD9A206EC60A939201A78F724E5DC2DAFC7,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:49.151{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60394-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000262053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:51.758{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=88E53CDAAD2C174DBBAA037F737BDC57,SHA256=7C24B441C79B8996ED216530AB675D30ABA53B9B76D0AA92426BDEB395A5D5DA,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179611Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:49.074{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53400-false10.0.1.12-8000- 23542300x8000000000000000179610Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:51.068{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5D6EE679DDE1A8A06399AE263C4BAABE,SHA256=55F11B290BF061D7AF8BCAB4C3E65DE62210534B00F03BBD92B270C091E6765A,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.980{ED6274ED-1124-61E8-A30A-000000002302}52888008C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.857{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BE8DD3547D209FC941A3BE9AC58B3AB4,SHA256=7D9A00893A4BC98584D9274A8DDA48BE4F14D3C052F434AF101009C82A43B13D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179612Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:52.084{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=048282ED47030CC3EDBF1A494EF052D7,SHA256=CC0F393982C60EF3D631814A5CDC264D14358D78C90F42B9A99B277DE5D028BB,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.673{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1124-61E8-A30A-000000002302}5288C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.673{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.673{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.673{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.673{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.673{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-1124-61E8-A30A-000000002302}5288C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000262181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.673{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1124-61E8-A30A-000000002302}5288C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000262180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.674{ED6274ED-1124-61E8-A30A-000000002302}5288C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000262179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.473{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ABCB47079EE85C4AE93FCA5A8020D48A,SHA256=4D85F78914B2BFD5D2659EA6F6D87D06EAD5DE57087951B06260D9608B71E85B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.220{ED6274ED-1124-61E8-A20A-000000002302}76167428C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.220{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C74D98D89FFE70E96A74126D3B10D836,SHA256=6C0606DC60A7C582C6D8C9D85DC2F5E28927EDB4A82EABD4011DF485BA7D0DF2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-1124-61E8-A20A-000000002302}7616C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.105{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.089{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.005{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1124-61E8-A20A-000000002302}7616C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.005{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.005{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.005{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.005{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.005{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-1124-61E8-A20A-000000002302}7616C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000262055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.005{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1124-61E8-A20A-000000002302}7616C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000262054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:52.006{ED6274ED-1124-61E8-A20A-000000002302}7616C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000262193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:53.870{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8F1C9E0BEAB4942FCFEA83635FABCCC4,SHA256=D0F01AF431B31FB0D12B25BAFB4EA5C582B15CB46F642BFAE76F955D3598F957,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179614Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:53.147{F0653C0F-C6EC-61E7-1F00-000000002402}1924NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179613Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:53.100{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B896C60E983D76DEE7AFD12EFFB07853,SHA256=224A5801F67ECBECE692088F9369FC30431163B18007BFA5772ABDF16AE600E7,IMPHASH=00000000000000000000000000000000falsetrue 11241100x8000000000000000262192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:53.388{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\SiteSecurityServiceState.txt2022-01-17 16:11:39.965 23542300x8000000000000000262191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:53.387{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\SiteSecurityServiceState.txtMD5=F414DA90F5A5494D2094BC10D6A25465,SHA256=F88A376708EC62D1E82FEF18F9B119E565B6A9D321437600058D072E960A1179,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:53.076{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=511CC013542B8DB53D370725EFC5F81B,SHA256=69DEDD564ABAE8779E4DBAEE8103384F85347E2B853CC0FECEFAD7BF5FDB2283,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.891{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9A33E9818217C9ED8B48A4E90732E330,SHA256=C7DC0F8B70CCEC3157C05B4D0BB07D00D1D5BBF3E641B0BAE15682FD43ABAE6B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179615Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:54.115{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A51A6D6499AE579B80C9F11062FB76E0,SHA256=5852D1929EEA4DB32537FFC32086D84A88FE9CB58ECD334565D0C2038399BA3B,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.523{ED6274ED-1126-61E8-A40A-000000002302}71967484C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.470{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=A707DF28CA1E5EEDBDDE059A695BE2A4,SHA256=3D2618F900F083A36956AA0F78EFA8FA2750DD1C66EE560F545EA953813821C4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.269{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1126-61E8-A40A-000000002302}7196C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.269{ED6274ED-C6EF-61E7-0500-000000002302}424440C:\Windows\system32\csrss.exe{ED6274ED-1126-61E8-A40A-000000002302}7196C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000262199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.269{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.269{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1126-61E8-A40A-000000002302}7196C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000262194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.270{ED6274ED-1126-61E8-A40A-000000002302}7196C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000262208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:55.897{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AE051922EE385235F996A21D7CFF4B35,SHA256=B46BC3F649179CC14DE6ABEC7A219480871740FB266187484B86FB0F48BCF309,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179617Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:53.059{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53401-false10.0.1.12-8089- 23542300x8000000000000000179616Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:55.131{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9F0B847361F96E393757D6EEA08CFAB6,SHA256=313B80E8A56887C9CA20B777A6A0280ED9B225CA2AC3756C6E6CE45791B4D65F,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:54.272{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60396-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 354300x8000000000000000262206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:53.504{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60395-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000262205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:53.504{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exeNT AUTHORITY\SYSTEMtcptruetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local60395-true0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000179619Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:54.996{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53402-false10.0.1.12-8000- 23542300x8000000000000000179618Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:56.193{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9BA89A527B5802EF23A21210BB2D14D4,SHA256=FC2DE614DF0416993F439FDDFC20934577CBEC9348F73FE77D47A48117495922,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:56.912{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=02B268A9860E454F4D2CC73945F3822F,SHA256=6F90A19E2C257C000E0A89F071AFBE24B9CD5813A68C416A1449ACA2D7F1BB5C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.927{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BE190AE7D4A58264872260317969F691,SHA256=4E9E76621FA94EA8152949FE05A5459C9AA5B5BA76A4529D7241CAEF54419838,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179620Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:57.334{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D8AC647564B6CDFAA36FABBB3104E44D,SHA256=4E7997D97E582E83E98D5C4CBB3047699E6146DD744EFEF3A016E0321C23447F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.511{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-1129-61E8-A50A-000000002302}3908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.511{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.511{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.511{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.511{ED6274ED-C6EF-61E7-0500-000000002302}4241156C:\Windows\system32\csrss.exe{ED6274ED-1129-61E8-A50A-000000002302}3908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000262329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.511{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.511{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-1129-61E8-A50A-000000002302}3908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000262327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.512{ED6274ED-1129-61E8-A50A-000000002302}3908C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000262326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.312{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5A95AE6F21F042E00C201E968B7A8F9B,SHA256=54E7EB3404337EC5AA7211417A680F7CA644115CFA2CB8C1C43D1A881C3AFC7B,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.274{ED6274ED-C704-61E7-2B00-000000002302}2988NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeC:\Program Files\SplunkUniversalForwarder\var\run\serverclass.xmlMD5=8F1BAAEB63B58FFACFB56D13F23AD150,SHA256=5098868B23CBB265B3384D5FF5936A22571C5FB391599C59C9990CE16810BB53,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EA20C638A48C7D8D19D2C338238284E9,SHA256=35D4D7ADB52597DDD0E1555984F2703D2A5C60883AF0A22660B38F0970F9B7A6,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.111{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000262338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:58.941{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=38265995BC2037FBBB9F170E28AA8055,SHA256=95721A17633DDB0DCF32ECE3370A9C74FF3007232D6927075D3EC62B1676E6A5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179621Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:58.350{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3E172D83CA22F3C296CA3FAEB85434B2,SHA256=7FF7B9E4F41DE1B0D00A5F8D00D07F33417996A274C6E97D7997F89045FBF53F,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:57.323{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60397-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8089- 23542300x8000000000000000262336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:58.542{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=EAF5F17B7B64FB914F6209BB3786C5E7,SHA256=6F2148004DB7470C5B9F2B0B0379A3C0693480360AEEEFEA65EDCA067231BC82,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:24:59.960{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AE53754D326B88AF3532DCFEA4E6D11A,SHA256=8125BBFC4C6D01C7AC1DA5D548A703C52756E534D5DF22ED43A03922624CBA63,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179622Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:24:59.412{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ECA095A46D432B6C9E6018C97F793015,SHA256=9890C42F6AC36EA9C2270A0C61C3121264EB9A6909D0AC31D0CB7DBFA74322C0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:00.974{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C13DAE3BF95289FBAA92CBD7EC9DC03A,SHA256=157587B48F876D4FF1D84B1F413E5BAE800C99A0074D3C2C34E8F0A6B6A3E9E8,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179623Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:00.443{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=234BD4D6D9CE214E0DD9352F4B80D366,SHA256=3259BC9B8F645DF331C0CC1ABA0CB6E096FE90D3A82F6F47F196CCBFF8D64C89,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179625Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:00.105{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53403-false10.0.1.12-8000- 23542300x8000000000000000179624Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:01.490{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=726333F9DC18176870EC777D221F1D00,SHA256=0FCF2B1FCA6C1B49F9A8AF98213C753781384792A2EC70D306368AA7B7D45CA5,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:01.989{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=916AC3D9E0B81A61A87CC63169A697B4,SHA256=408D26F4904C7FEB19CC4A2CBE3732F9F02B2654F922D2E8198E44D4D6B8E5D8,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:00.172{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60398-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179626Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:02.506{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4860F18BE82AC1B118B398B8F29F200B,SHA256=2B7A7EDFD106ECB18DA9E17A555BF5822D530FAB4CECCFD89C6D475782331832,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.211{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=FB70B222DC8341577BD8B6B11019DC5C,SHA256=BD434BC1CDCC8888E9B65495A6A16AC6F43AD014BDB9C679E9F595E7B04306B1,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-10B4-61E8-950A-000000002302}5628C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.158{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000262408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=096BAC0196032BF281C6A99077792505,SHA256=29481DED29F081382CBE48E2BA2CBF7E26218AA333104CC16D283A93500D2407,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.143{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:02.127{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179627Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:03.522{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D8A9CAF407DFD4D3B6E438C317748180,SHA256=D73BB6CAA08D0AB44FAC600466B61C2998DF543D972D693271F1E7B5CA4E35D3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:03.011{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8EE8ED433B7FC0062B5281874C7A114,SHA256=CE0B60043FBC07C2BBD5B618FBC6D93D3715D23729EABF912E2DF858889CCEBD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179629Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:04.791{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\respondent-20220119080814-308MD5=26E1A90A17A870013EF4C4218FE87777,SHA256=02B0674969846812EB5EACE6FE845327C5B46FC53D45D3793660008BF07077BC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179628Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:04.523{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4538EA6FAAD4DF7E3DAB8B7A8CE4AE24,SHA256=417BC40D547BC5B367423763CDDD7B17ABA294D7134F290C90400232BA236FD9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:04.458{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=3E00578E86514A82C2B63AA56EB92600,SHA256=210650F9A026B02E4F0E477D5A54902D0050585F3C3819BE16CE85AAD799FB56,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:04.458{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SystemMD5=FE400E38CA2F213BA4156670401C15DC,SHA256=FF2D0417BA7846D1B93AFEBE614391E61A323735105DCDBB2E4221FC9F5C3C59,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:04.027{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=32D10FF248EFE16F37ECAD3DAAA5636E,SHA256=F963E5ECB9D271C731C400EB0F94297636DF8349DE3902E706513315B36BF06F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179631Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:05.805{F0653C0F-C6EC-61E7-2200-000000002402}1984NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-0da516282bedaafcc\channels\health\surveyor-20220119080812-309MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179630Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:05.538{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=744D2614D2BDA418CFDA25E18D190DFF,SHA256=856B3783E1BCD1062EE35E808AB72B8AF24204F28B5B01CC0AF099632EFEE07D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:05.640{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite-shmMD5=B7C14EC6110FA820CA6B65F5AEC85911,SHA256=FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:05.640{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\0pk4oq24.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.sqlite-shmMD5=64BF8734DDE7B3BDD86CE88B4620A482,SHA256=C7E8C931DE4217361457D622A14525D5D368A9CC6BE2DE966BE29819C39DF830,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:05.107{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5077C3947DC27898AED764011BDFD434,SHA256=AF586981DFF4287475AB2DEBB97DDDFCC89ADE92A9C2B1F57B139CE393FAAF50,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179632Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:06.554{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ABF77712F59832E5CB0329D0CED67EA3,SHA256=5EA7B5415866D643990BFE05F6DA6416F0F6F3DF7A7529C20BD974BABF075DE2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:06.125{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8DCFD6D9C8BBE5CAA54C13DC68D8D822,SHA256=5100A18EC50E569BBF6BC095FE370629F767286E4E6088D8A40EDFFDDC6D7101,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179633Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:07.585{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2BF9CF435A2D59D3A679D8BB135A6C9C,SHA256=5245CD4D778481BE75D678C561D602422FC32947FA1264696300AF029F8C98D0,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:06.106{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60399-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000262581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.339{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=243B117716A491F802BF86D12B651BA0,SHA256=3B21356304CB26E7B2923AFBB119C1D14C4B6716BB463F87D7FA30D63359257C,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.204{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.202{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.187{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.171{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000262467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:07.140{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7674AAC083B72E6A9893251840176EF2,SHA256=4DE334C0B335F5C8E82BD960B7B49278CC79C1747A146F984EA6BA54714FFA25,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179635Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:08.616{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1969476FD18F586C297D7CD6EA6F550A,SHA256=067A2144004FCADD944B999F1D82EDA1E9E439591CD7492D8DF6901879145630,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:08.171{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2433494027CBE0C36C670998C9E4ABAD,SHA256=B6F49F62C6BB39C291D615F5D31CC2619DCBE385AF1F8629A8068504A73C606A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179634Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:06.010{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53404-false10.0.1.12-8000- 23542300x8000000000000000179636Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:09.647{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=340BCDEE5A0341B79E9B25F072163D31,SHA256=BF6BB97F5DF1DFCDB29DE2ABECA90033D1A9A4F4D0B110AC5523DC9F060C8F95,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:09.176{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9B39952C6F3F3396F55F681FFDC4A10A,SHA256=EF9A71740C30990CE114B89359BF15D0D6C7B87977FB6BDD090CD8C1A3E85045,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179637Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:10.663{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=0D32211DAF90B6B0342192AEF8EF06E9,SHA256=F5ADAF79996BEC028B9504DBADD17AD5184763128A079FE829A0CF902FE08986,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:10.808{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:10.178{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=02277676DCA82F79886B22EDEBE1C121,SHA256=62FBBFD77D09AB217DA3BB45651A1C8E80A4AD9332107E8FE4F35308DB491A5C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179638Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:11.725{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=C5D6E56041D5C1AAF811686F1AFE939F,SHA256=E7A5279D9D4659A66189D5EDA3B88059842AD5AE03E360D87E54C9B50552873C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:11.192{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3113C339D9C75DC02E08D8507B6404F8,SHA256=2D85325307C6A0E4631BE65D75061A933946E7AC8BC8B267C724E74042B09A06,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179639Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:12.741{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7DDA24E703505D3E9E85BAE2515A75F5,SHA256=1C07D34AA8F12E35541E8505175D8377EFFDE27122731513F6FEEDDF40E5FFE7,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262702Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.562{ED6274ED-C6F2-61E7-0D00-000000002302}9006584C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|c:\windows\system32\rpcss.dll+fa21|c:\windows\system32\rpcss.dll+d6ee|c:\windows\system32\rpcss.dll+b877|c:\windows\system32\rpcss.dll+85f7|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262701Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.431{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3A7165F8FCDF2891B1063C27E0442FD5,SHA256=63249273D33E829FBC7683C90708C31E8B33BFECEA35B19894435E1135AEDC57,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262700Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262699Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262698Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262697Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262696Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262695Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262694Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262693Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262692Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262691Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262690Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262689Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262688Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262687Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262686Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262685Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262684Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262683Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262682Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262681Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262680Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262679Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262678Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262677Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262676Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262675Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262674Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262673Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262672Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262671Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262670Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262669Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262668Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262667Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262666Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.229{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262665Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262664Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262663Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262662Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262661Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262660Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262659Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262658Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262657Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262656Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262655Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262654Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262653Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262652Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262651Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262650Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262649Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262648Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262647Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262646Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262645Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262644Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262643Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262642Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262641Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262640Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262639Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262638Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262637Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262636Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262635Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262634Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262633Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262632Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262631Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262630Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262629Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262628Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262627Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262626Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262625Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262624Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262623Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262622Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262621Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262620Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262619Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262618Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262617Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262616Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262615Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262614Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.214{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262613Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.212{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262612Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262611Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262610Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262609Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262608Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262607Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262606Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262605Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.211{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262604Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262603Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262602Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262601Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262600Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262599Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262598Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.210{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262597Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262596Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262595Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262594Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262593Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262592Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.209{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.208{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.208{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.208{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:12.208{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179640Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:13.741{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=79B1216DE34E0715A5BCD0BFC034D413,SHA256=963A9BBF3BAB3B96ECE5FDF78A7653175F650D89CF0A3C61BAED40C4CB34036A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262704Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:13.243{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=ADDFC1515E54754FFF79578E62B8121B,SHA256=2F1E73D2947889E4853FB35AE6E9424740F838B9367EF851F0DA47953CD10F9B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262703Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:11.126{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60400-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179643Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:14.788{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8B3B3352F96A678F47807DE392AFDC63,SHA256=827140CAE4D261714AF064CFF7B5A18861832D72015818A2E507A7B320B3BAD1,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262705Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:14.263{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F389AFB05C8B2EA831E96D7E38D7CCC9,SHA256=3E0E6F1FEB157BDA822EC7D8A2F0CF7CC8A12639664FB7A22A1804CF45F9CF7B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179642Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:12.028{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53405-false10.0.1.12-8000- 23542300x8000000000000000179641Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:14.007{F0653C0F-C6EB-61E7-1100-000000002402}980NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=38E3B36839F5D121D29820366BB33420,SHA256=0CB3B55F385BC8B685FEF0BAA39BE1122445E68695CDF0179C02E02774128BA6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179647Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:15.819{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=493557C53512BA454F621BE872977C29,SHA256=7962071310DEB1B457A5B17F1E625A5D794103383A0A667488A2DF36FEC2D431,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262706Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:15.264{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D7A01972148DC0CEBDC3CAF9969233F3,SHA256=72509D7C7B7F0FD363E4D1485B4A8CB3CBE9045BD8FE65A99111B3C512CE84AC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179646Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:15.272{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EB-61E7-1300-000000002402}832C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179645Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:15.272{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EB-61E7-1300-000000002402}832C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179644Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:15.272{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EB-61E7-1300-000000002402}832C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000179648Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:16.835{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B131C4DCCC8EDAE468848E8BF5F88D3E,SHA256=560265257A153052A0F14D7E77C65422CE28603EA638A56FB74F24F74188DF62,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262707Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:16.294{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=43990C24FC45BD4E1D033FC7CA28D1AD,SHA256=E565491D5F8A7BB37F6A4490952D656C12668AE38D5FE66E8DE3AA8C89592D94,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179649Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:17.850{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B72A82988015491F68E07F636974AD2C,SHA256=B3C0C25DFF9C21D2986E36B808B96B8022348DD8720558C25E28FB918F5E97D9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262822Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.448{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=12AE71C3AD991F46A74CB3FA7F670A1D,SHA256=DFE46059B4EBAAA5428D347DA758212DCF2E25CCE6B56403E292583EB898DAD2,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262821Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262820Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262819Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262818Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262817Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262816Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262815Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262814Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262813Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262812Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262811Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262810Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262809Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262808Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262807Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262806Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262805Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262804Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262803Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262802Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262801Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262800Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262799Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262798Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262797Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262796Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262795Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262794Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262793Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262792Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262791Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262790Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262789Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262788Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262787Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262786Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262785Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262784Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262783Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262782Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262781Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262780Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262779Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262778Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262777Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262776Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262775Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262774Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262773Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262772Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262771Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262770Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262769Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262768Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262767Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262766Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262765Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262764Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262763Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262762Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262761Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262760Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262759Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262758Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262757Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262756Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262755Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262754Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.279{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262753Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262752Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262751Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262750Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262749Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262748Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262747Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262746Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000262745Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=519116EB2BD2A6CEB2DB0B59F97B74E4,SHA256=B8D7C38F787EBABDCBB1BAE4226BF5CBE5FE4E1BFC1A5A020EA9EC98253C3D00,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262744Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262743Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262742Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262741Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262740Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.263{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262739Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.247{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262738Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.247{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262737Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.247{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262736Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.247{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262735Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.247{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262734Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.247{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262733Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.246{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262732Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.246{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262731Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.246{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262730Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.246{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262729Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.246{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262728Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.245{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262727Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.245{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262726Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.245{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262725Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262724Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262723Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262722Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262721Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262720Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262719Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.244{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262718Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.243{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262717Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.243{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262716Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.243{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262715Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.243{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262714Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262713Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262712Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262711Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262710Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.242{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262709Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.241{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262708Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:17.241{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179651Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:18.866{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F65E9EB58AFA9050B6DA72ED9A065140,SHA256=DF51B406A28823BDCE0857CA23BC77408479930A8C38BE415A09B919939EC1CF,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262824Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:18.463{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=995B6CE45ABD3AF54AC39737B4541D08,SHA256=95A00076C143B7D58F2ABF79642FB77C3350C3D8B1E916FCED128BD5FEFB40F9,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179650Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:17.152{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53406-false10.0.1.12-8000- 354300x8000000000000000262823Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:16.258{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60401-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179652Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:19.944{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=853FA97D7267013C002E3C38BE7CD899,SHA256=D9CA191122A9CCD5EAFD41C0BA294ACD6E4D433C3AD061B7C1A7CEB2FC8E9E16,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262825Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:19.493{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A4FFFDCD01F16E0415BB5A36A68C7B95,SHA256=D334E2641794B49C9A44040F8D5D4FB730F1B92D605962F3616002D31DF84C6C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179653Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:20.975{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=867BEAD2D29FFFDB8D36AA33DD3C8987,SHA256=074EA08009520A2E21E22265589B4A5DFA814A0C001C464459C6761F5E6EA5A2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262826Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:20.508{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2C8447FDB6B86E9CEEBA8E8975AC2DFD,SHA256=9CEDEEAC387D4E97D7FA1651A972FEF6BEFBDB3117B4C5496C6B968E073BEF72,IMPHASH=00000000000000000000000000000000falsetrue 13241300x8000000000000000262832Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:25:21.683{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exeHKLM\System\CurrentControlSet\Services\DFSR\Parameters\Volumes\CFE4E044-0000-0000-0000-100000000000\Volume Configuration File\\.\C:\System Volume Information\DFSR\Config\Volume_CFE4E044-0000-0000-0000-100000000000.XML 13241300x8000000000000000262831Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:25:21.668{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exeHKLM\System\CurrentControlSet\Services\DFSR\Parameters\Replication Groups\62A1E1BE-B454-40C9-A5C2-BE9F158605C7\Config SourceDWORD (0x00000001) 13241300x8000000000000000262830Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-SetValue2022-01-19 13:25:21.668{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exeHKLM\System\CurrentControlSet\Services\DFSR\Parameters\Replication Groups\62A1E1BE-B454-40C9-A5C2-BE9F158605C7\Replica Set Configuration File\\?\C:\System Volume Information\DFSR\Config\Replica_62A1E1BE-B454-40C9-A5C2-BE9F158605C7.XML 10341000x8000000000000000262829Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:21.651{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262828Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:21.651{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262827Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:21.515{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E732B2EE2F69DFCF46FC0EC67423084E,SHA256=C3074E033219446693E2C5ED4113FE7587C05920CA036696B87B27580516E1BD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262951Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.615{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=A689F621E99AE61A76954925F8C51CDC,SHA256=3E0218C30FF45927F661AE09CD680759C167BECEFDEE95DEA40EE406E91EFE12,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179681Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1142-61E8-3D09-000000002402}2792C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179680Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179679Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179678Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179677Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179676Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179675Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179674Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179673Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179672Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179671Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-1142-61E8-3D09-000000002402}2792C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179670Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.913{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1142-61E8-3D09-000000002402}2792C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179669Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.914{F0653C0F-1142-61E8-3D09-000000002402}2792C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe10.0.10011.16384SplunkMonNoHandle Control ProgramWindows (R) Win 7 DDK driverWindows (R) Win 7 DDK providerSplunkMonNoHandle.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-MonitorNoHandle.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=BF28C74E12839E40CD89696C7CB01573,SHA256=6187325F302F232DE582FE28E0E0D2B292AB8122C3356C9CE295A482D7B93EA3,IMPHASH=27776F2813155A6CF34F6A075A0C2EC8{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 10341000x8000000000000000179668Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.428{F0653C0F-1142-61E8-3C09-000000002402}13043572C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6025c5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+6020f6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+59e67|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+5b88c|C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe+8e7d70|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179667Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1142-61E8-3C09-000000002402}1304C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179666Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179665Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179664Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179663Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179662Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179661Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179660Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179659Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179658Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179657Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1142-61E8-3C09-000000002402}1304C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179656Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.241{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1142-61E8-3C09-000000002402}1304C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179655Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.242{F0653C0F-1142-61E8-3C09-000000002402}1304C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe8.0.2Active Directory monitorsplunk ApplicationSplunk Inc.splunk-admon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-admon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=947139F3BB2AB70CAF692A60C7A3A735,SHA256=940554A0170A70F634689CC84B00C51AC0BCF773C9639E1305E3672441FC85C8,IMPHASH=357CEC18833E7FF2ABFB722902B13165{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179654Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:22.116{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=34C5CE9142DC82394316521A2B6AAFE6,SHA256=E4819482FF387CBF02460316CB20F9622B6E665B7FB4160647F799218143E70F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262950Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.516{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262949Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.516{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262948Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.516{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000262947Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.516{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=937F052CB7CE89D26A2A2E1CEFA21935,SHA256=710BE7BD302AF53FB1985963ED45CBA5DD3FDACC07C93838B60E3399E4A74F79,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262946Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262945Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262944Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262943Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262942Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262941Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262940Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262939Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262938Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262937Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262936Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262935Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262934Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262933Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262932Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262931Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262930Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262929Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262928Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262927Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262926Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262925Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262924Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262923Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262922Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262921Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262920Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262919Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262918Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262917Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262916Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262915Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262914Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262913Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262912Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262911Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262910Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262909Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262908Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262907Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262906Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262905Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262904Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262903Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262902Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262901Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262900Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262899Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262898Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262897Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262896Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262895Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262894Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262893Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262892Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262891Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262890Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262889Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262888Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262887Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262886Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000262885Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262884Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262883Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262882Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262881Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262880Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262879Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262878Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262877Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262876Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262875Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262874Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262873Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262872Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262871Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262870Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262869Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262868Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262867Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262866Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262865Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262864Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262863Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262862Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262861Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262860Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.299{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000262859Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262858Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262857Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262856Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262855Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262854Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262853Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262852Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262851Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262850Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262849Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262848Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262847Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262846Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262845Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262844Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262843Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262842Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262841Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262840Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262839Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262838Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262837Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262836Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262835Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262834Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.283{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000262833Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.083{ED6274ED-C6F3-61E7-1300-000000002302}704NT AUTHORITY\LOCAL SERVICEC:\Windows\System32\svchost.exeC:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.datMD5=3A2FD16D7F12426C1110F148B92AE0D1,SHA256=A96349D87714ACF44889D5BD339C1892ABEF6FB31606385BF2DC760C4E226D36,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262963Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.622{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EF268D7AF82DA5013129E516B81BA334,SHA256=B8E79D1EA6D0ABC1981F7618107442CEE3A73D916353E42AFF546D172FB778A0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179697Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1143-61E8-3E09-000000002402}3724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179696Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179695Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179694Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179693Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179692Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179691Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179690Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179689Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179688Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179687Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1143-61E8-3E09-000000002402}3724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179686Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.585{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1143-61E8-3E09-000000002402}3724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179685Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.586{F0653C0F-1143-61E8-3E09-000000002402}3724C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179684Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.257{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=FB16A6ECD70C96FBB99FEACD249A0201,SHA256=E2E4D8BE5AFFB06FEE59F235AA33D6DB0EBFCF02452CCEFD2EAC8E053DDF3DEA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179683Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.257{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=F9121F650EA9CFEC74E43FE4D88B6192,SHA256=9A8C42FE30BEE03B6A3D7F7A7D8729E1CC95DE1B02ECA58603C9827277D25686,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179682Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.241{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=08A3FA8B8870043D96EAF9C5CA42BB67,SHA256=E0AB350FCB2BBBD1E84280E0EF2F107BDF36096E936E38466215EB200620B1DC,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262962Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.537{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=044F355FB85B0441433A65E3E20D9964,SHA256=30E4D0C1B025ADD71F2AE091ABEF63901A9592A58FA616E8D4D65C11B52126A9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262961Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.537{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=8C5BCD50724EAE07DE34FE3E50DD5F7D,SHA256=2993A71D3BF80FBBF75DE29ACFAE36A6F35AE565C33BD920129CFBD17C16CB77,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262960Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.522{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262959Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.522{ED6274ED-C6F0-61E7-0B00-000000002302}640768C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262958Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.352{ED6274ED-C6F0-61E7-0B00-000000002302}6407512C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262957Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.352{ED6274ED-C6F0-61E7-0B00-000000002302}6407512C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000262956Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.352{ED6274ED-C6F0-61E7-0B00-000000002302}6407512C:\Windows\system32\lsass.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\system32\lsasrv.dll+6ea9c|C:\Windows\system32\lsasrv.dll+e6974|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000262955Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:21.754{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEudptruetruea00:10e:0:0:c850:769d:8081:ffff-61739-truee000:fc:0:0:0:0:0:0-5355llmnr 354300x8000000000000000262954Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:21.753{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEudptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local61739-trueff02:0:0:0:0:0:1:3-5355llmnr 354300x8000000000000000262953Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:21.717{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60402-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local135epmap 354300x8000000000000000262952Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:21.717{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\System32\dfsrs.exeNT AUTHORITY\SYSTEMtcptruetruefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local60402-truefe80:0:0:0:348e:7233:75e7:5126win-dc-tcontreras-attack-range-356.attackrange.local135epmap 23542300x8000000000000000262967Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:24.626{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7915DA9AAD7E46F53CE3597967AFC8D4,SHA256=F11C58EC7B529FE14F8800885F91C2FD50890D90BA3D4FA3C09FE06B87032AF6,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179699Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:24.694{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=FB16A6ECD70C96FBB99FEACD249A0201,SHA256=E2E4D8BE5AFFB06FEE59F235AA33D6DB0EBFCF02452CCEFD2EAC8E053DDF3DEA,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179698Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:24.350{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5F6B60F30E95663E4603E69191246B61,SHA256=E7415C5164BAF50294E95B4F7EAB487E748A0D53C1AA3F3C5AACCFBEC1B3CE13,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262966Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.581{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60404-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000262965Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.581{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\System32\dfsrs.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60404-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000262964Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:22.205{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60403-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000262970Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:25.628{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=22E1BC166359F77CF378F4233DDB3DC1,SHA256=78739EA469B841B0AFD6D8E043EC99833893DAB74E9039C52C3B5824ABAE76F7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179701Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:25.397{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F5ACCD1847F2284F1036152742C8C66C,SHA256=A642EEB51F7B60108D9EA3B0CB3BE28018B95E8AE3D86012E89FB25CB78C9E5A,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262969Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.411{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\System32\lsass.exeNT AUTHORITY\SYSTEMtcpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60405-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000262968Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:23.411{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\System32\dfsrs.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60405-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local389ldap 354300x8000000000000000179700Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:23.121{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53407-false10.0.1.12-8000- 10341000x8000000000000000179716Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.882{F0653C0F-1146-61E8-3F09-000000002402}39443204C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179715Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1146-61E8-3F09-000000002402}3944C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179714Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179713Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179712Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179711Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179710Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179709Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179708Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179707Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179706Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179705Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-1146-61E8-3F09-000000002402}3944C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179704Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.741{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1146-61E8-3F09-000000002402}3944C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179703Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.742{F0653C0F-1146-61E8-3F09-000000002402}3944C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179702Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:26.413{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9E4F35355EF6B8C1D36C7CB489A8AEB9,SHA256=DD043F3327D51117AC182768F360C381D89CCE1F5D15076594C39940B2759F9C,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000262972Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:26.630{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5E5D25EE69BF772B9B7CB45537E97DF0,SHA256=FDFB82A1A2166B81F5E595F5990B3DAD6BFE2515126D325EF5C7F7F2757D72F3,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000262971Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:24.840{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse210.222.247.169-16470-false10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local3389ms-wbt-server 23542300x8000000000000000263089Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.847{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=044F355FB85B0441433A65E3E20D9964,SHA256=30E4D0C1B025ADD71F2AE091ABEF63901A9592A58FA616E8D4D65C11B52126A9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263088Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.632{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=03809CDAAF5A96D64FE4B5D5DAFF156E,SHA256=1F557961989F2D296F6B9F4B8BB57AFF4CCB1CB6A433FAB2B30FD713AA040671,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179733Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.757{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=E384FFC113B9AD325397B1294412A667,SHA256=3962C68A0ED1B5079EB1EDAC12319E0DFB36CCBEF91F0FA6356735F3EAF2B0BD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179732Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.678{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=87E2D6A9ADF55327E0CEAA0092054390,SHA256=7DCDFC769AD0D8E267BA20BFA7F8A1930B9B3621B45DC05F5A1F591C521048F8,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179731Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.632{F0653C0F-1147-61E8-4009-000000002402}17922120C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+5691a5|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+568cd6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56657|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+56ca7|C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe+8f3800|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 354300x8000000000000000179730Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:24.855{F0653C0F-C6EB-61E7-1000-000000002402}940C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEtcpfalsefalse210.222.247.169-17180-false10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal3389ms-wbt-server 10341000x8000000000000000179729Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1147-61E8-4009-000000002402}1792C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179728Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179727Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179726Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179725Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179724Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179723Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179722Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179721Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179720Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179719Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EA-61E7-0500-000000002402}420536C:\Windows\system32\csrss.exe{F0653C0F-1147-61E8-4009-000000002402}1792C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179718Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.413{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1147-61E8-4009-000000002402}1792C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179717Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.414{F0653C0F-1147-61E8-4009-000000002402}1792C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe8.0.2Registry monitorsplunk ApplicationSplunk Inc.splunk-regmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-regmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=91F33F605825B72EE2270559C7AB28F3,SHA256=3DF1CB71BB48B8669BD01179FD94DD8CC82F8103B08A0FACFD366E43E0C5FA42,IMPHASH=23D7D4307FBE7FA4F42B1902826D7C25{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000263087Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.448{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2F7CF7CEBFCE23E603954DA2CF0F9A64,SHA256=98097793375E04409AE24948A714B7CEDF0685C6976C6BF596CB2AB2DB735374,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263086Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.366{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263085Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.366{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263084Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.366{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263083Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.366{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263082Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263081Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.365{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263080Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263079Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263078Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263077Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263076Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263075Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263074Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.364{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263073Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.363{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263072Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.363{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263071Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263070Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263069Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263068Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263067Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263066Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263065Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263064Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263063Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263062Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263061Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263060Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263059Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263058Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263057Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263056Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263055Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263054Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263053Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263052Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263051Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263050Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263049Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263048Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263047Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263046Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263045Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263044Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263043Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263042Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263041Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263040Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263039Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263038Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263037Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263036Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263035Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263034Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263033Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263032Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263031Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263030Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263029Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263028Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263027Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263026Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263025Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263024Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263023Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263022Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263021Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263020Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263019Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263018Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263017Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263016Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263015Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263014Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.347{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263013Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263012Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263011Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263010Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263009Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263008Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263007Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263006Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263005Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263004Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263003Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263002Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263001Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263000Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000262999Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.332{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=45045CF3346349CFA361076092C6FA16,SHA256=F6BBE51FCA0650B6DD2E98320620A6F9F3FEB138FFECF8D6513DE7E82A2B5AB4,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000262998Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262997Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262996Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262995Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262994Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262993Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262992Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262991Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262990Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262989Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262988Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262987Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262986Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262985Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262984Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262983Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262982Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262981Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262980Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262979Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262978Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262977Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262976Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262975Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262974Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000262973Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.316{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000263094Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:28.633{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E91CBB3FB818FB07B070C7A5B9BC177D,SHA256=58EB6C50152299ACFD8FC8C8A8928CF05FCDE1525A5DE429A517D6915BB796BC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000179761Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1148-61E8-4209-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179760Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179759Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179758Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179757Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179756Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179755Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179754Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179753Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179752Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179751Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EA-61E7-0500-000000002402}4201776C:\Windows\system32\csrss.exe{F0653C0F-1148-61E8-4209-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179750Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.913{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1148-61E8-4209-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179749Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.915{F0653C0F-1148-61E8-4209-000000002402}3628C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe8.0.2Windows Print Monitor splunk ApplicationSplunk Inc.splunk-winprintmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-winprintmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=36D3753920C5BBCA16D12DEAD7A3A904,SHA256=EA17F69FB116CFA6ADC3CE07EBBAE3FD2CB221F25E3F7A9ADF3F15DA051831E2,IMPHASH=264D4B9546D98D77D97F569F55A0B748{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000179748Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.647{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E5600779BF049725B53E77447D402167,SHA256=92AD8BB82C849AEE97C08D2C67BE51806BA51A0472F9926ADAEA275F5A173655,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000263093Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:26.665{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEudpfalsefalse127.0.0.1-49497-false127.0.0.1-53domain 354300x8000000000000000263092Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:26.125{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse127.0.0.1-53domainfalse127.0.0.1-49497- 354300x8000000000000000263091Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:26.125{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEudptruetrue7f00:1:ffff:ffff:9860:fe94:8081:ffff-49497-true7f00:1:0:0:0:0:0:0-53domain 354300x8000000000000000263090Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:26.095{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsetrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local53domaintrue0:0:0:0:0:0:0:1win-dc-tcontreras-attack-range-356.attackrange.local49497- 10341000x8000000000000000179747Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.257{F0653C0F-1148-61E8-4109-000000002402}16282332C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x101400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e675|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+55e1a6|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+6b453|C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe+8e8530|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179746Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6ED-61E7-2B00-000000002402}28242844C:\Windows\system32\conhost.exe{F0653C0F-1148-61E8-4109-000000002402}1628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179745Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+d3ae|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179744Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179743Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179742Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179741Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8fc1|c:\windows\system32\lsm.dll+8eb0|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179740Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+e9d6|c:\windows\system32\lsm.dll+8e6f|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179739Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179738Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179737Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EB-61E7-0C00-000000002402}7323524C:\Windows\system32\svchost.exe{F0653C0F-C6EC-61E7-2000-000000002402}1940C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000179736Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EA-61E7-0500-000000002402}420436C:\Windows\system32\csrss.exe{F0653C0F-1148-61E8-4109-000000002402}1628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000179735Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.085{F0653C0F-C6EC-61E7-1F00-000000002402}19243964C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{F0653C0F-1148-61E8-4109-000000002402}1628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000179734Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:28.086{F0653C0F-1148-61E8-4109-000000002402}1628C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe-----"C:\Program Files\SplunkUniversalForwarder\bin\splunk-powershell.exe" --ps2C:\Windows\system32\NT AUTHORITY\SYSTEM{F0653C0F-C6EB-61E7-E703-000000000000}0x3e70SystemMD5=030CC9FD3784684043D9236FF16904DE,SHA256=6C84A212BD1EA1FCC493E9F8ED1C1507E2773F6FE71ACDE265067F3153BE6241,IMPHASH=45491F0E80AC016364EB8FB78BD23A1C{F0653C0F-C6EC-61E7-1F00-000000002402}1924C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 354300x8000000000000000179765Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.236{F0653C0F-C6EC-61E7-1600-000000002402}1180C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEudpfalsefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal54388-false10.0.1.14-53domain 354300x8000000000000000179764Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:27.232{F0653C0F-C6EC-61E7-1600-000000002402}1180C:\Windows\System32\svchost.exeNT AUTHORITY\NETWORK SERVICEudptruetruea00:10f:0:0:9880:c87f:8b92:ffff-54388-truea00:10e:0:0:0:0:0:0-53domain 23542300x8000000000000000179763Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:29.678{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=53A2C87771C4879F55CD57EC97B216C1,SHA256=E2EA2EB30555740BDD054D95C733A3A760017538C1B64833AEA2E807A59FA9F4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263096Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:29.674{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9EACE60D4DE40467627373C1407A9D85,SHA256=61ACBC079D63F415C7FD60C699B5B1E8027C664E642392C9D0825E746B939000,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000263095Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:27.373{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\System32\dns.exeNT AUTHORITY\SYSTEMudpfalsefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local53domainfalse10.0.1.15WIN-HOST-TCONTR54388- 23542300x8000000000000000179762Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:29.100{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\SecurityMD5=C70B321739551164ED2A3D044FB0C01F,SHA256=12F1D38ABF8CD40FB905155D048521330B455E48D192114548E541C86BDBB848,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179767Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:30.819{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5811E500AEFA66D598A5B1E9A8ECCBCF,SHA256=B85DB447CE845482D67D600302AA2105A7D448656C0D25F1E44A2FC32ED5411D,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179766Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:29.027{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53408-false10.0.1.12-8000- 23542300x8000000000000000263098Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:30.692{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=15DDC2DE89D4C267BD4FB4763827213D,SHA256=FE96783D7089D5927846B910F4FD61D143FC38AA82DE9D4886DD9BB216A1A5D2,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000263097Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:28.128{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60406-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179768Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:31.850{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E73B2E7B241FF6897B9F213368D1DBEA,SHA256=9B55EADCF476AEB13176D150A8BA721640AE97BD5D8117B736DB60F6D010FE35,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263099Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:31.707{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=91B601A7ADB6247FEB56C7870BB69A03,SHA256=1EE38BC447E11DD75446A4D2EE995205A522BA34ABCE65C0E9D95C8E07E7E5AB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179769Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:32.928{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3E5A570B4D5A427C898EC3AFA5C6E6F9,SHA256=0B2A117709D846AFD4539361A042CAFF471F28226F50B5C5A786C39DEFDFB742,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263215Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.952{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8C536BB4C2F56A11595A30475BB05C55,SHA256=559BB19BF947F25C82D87CF708472DCC34F23F949BD009492ECAAC1BB6B3B544,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263214Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.936{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=638F72A4F3BB0260787629E952346178,SHA256=93B36275CD82F50766696AF45320FFC8CB604CFC2922CCB38719C3519817B00F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263213Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263212Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263211Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263210Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263209Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263208Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.402{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263207Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.399{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263206Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.399{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263205Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.399{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263204Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.399{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263203Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.397{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263202Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.397{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263201Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.397{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263200Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.397{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263199Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.397{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263198Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.397{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263197Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.397{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263196Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.396{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263195Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.396{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263194Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.396{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263193Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.396{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263192Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.396{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263191Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.396{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263190Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.395{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263189Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.395{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263188Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.395{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263187Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.395{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263186Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263185Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263184Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263183Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263182Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263181Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263180Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263179Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263178Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263177Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263176Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263175Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263174Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263173Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263172Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.394{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263171Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263170Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263169Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263168Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263167Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263166Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263165Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263164Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263163Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263162Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263161Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263160Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263159Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263158Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263157Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263156Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263155Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.393{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263154Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.389{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000263153Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.392{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\respondent-20220119080839-308MD5=31AE3B99E9722C70B2B0BF5629B78D35,SHA256=018F3996AECFCFD96518A9A6A1237881C0D4A214E94965D02F176A723ABECB27,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263152Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.389{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263151Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263150Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263149Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263148Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.388{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263147Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.387{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263146Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.386{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263145Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.386{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263144Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.386{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263143Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.386{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263142Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.386{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263141Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.386{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263140Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.386{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263139Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263138Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263137Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263136Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263135Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263134Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263133Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263132Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.385{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263131Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.384{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263130Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.384{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263129Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.384{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263128Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.384{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263127Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263126Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263125Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263124Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263123Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263122Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263121Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263120Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263119Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263118Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263117Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263116Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263115Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263114Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263113Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263112Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263111Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263110Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263109Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263108Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263107Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263106Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263105Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263104Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263103Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263102Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263101Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263100Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:32.368{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000263217Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:33.941{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1D5825E08834F7DB1E3C1F6F5E616923,SHA256=BA6B93D6B380C98C06C7FDF45015401CB4D84ECA3B93721475547BA188198FD4,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263216Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:33.399{ED6274ED-C704-61E7-2A00-000000002302}2964NT AUTHORITY\SYSTEMC:\Program Files\Amazon\SSM\amazon-ssm-agent.exeC:\ProgramData\Amazon\SSM\InstanceData\i-00d95d34f7cb1f9c1\channels\health\surveyor-20220119080836-309MD5=97EF2A570B75C4F95FC69B0D09A2E2A2,SHA256=11396EA313B0ED7E3228C4FA92ABE9D836DB8F416A7A8A28ACC77133025082E7,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263218Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:34.951{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=CED453336B66909BD53FDE4B793226D9,SHA256=B1CF18506AF81C631D2D0471473995375A5F2BE9269DDD900ED127341AD6C8CB,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179770Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:34.116{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=EED0CD5820F811A93B3E38304266D9F7,SHA256=B9DF784671C54F34D5E09090C855C0794400FEC213E06C2EC67C465BB3624057,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263220Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:35.981{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B19EF1F6C7AD50FCE4CE2B804339E2F7,SHA256=5313BE208FEC4EBA06CFF3C7886F70FB071CB26EA79461671FC2D45635B8F159,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179772Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:34.168{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53409-false10.0.1.12-8000- 23542300x8000000000000000179771Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:35.179{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BEF2925D925A61ADFA43E7C4CA5D05CD,SHA256=C06927FA307C6114FCE7E50A024A5066FDB99F586CC826600A567DDA98BE70F9,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000263219Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:33.263{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60407-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000179773Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:36.194{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7CB3FC94D251FF7D3BA719B3834FD5E9,SHA256=00995094E2B495BD797367F6D61DADA5EF01D369500C8FFAA4CAAE0076A3D9CD,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263221Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:36.998{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=B5A2B1022A77B9FCDCBB2256C50A3E85,SHA256=4D40BA4A20B8747C2ED5D8337593C48EBC3238F47F6AAB3658264311C96A1C1F,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179774Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:37.225{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7D8DCE7D6ECD8B5BC42391E80208148C,SHA256=56A6A2D1E039D52B0496021BF69DD0EDD5EA757CDD095C5ACE7A7554040083C2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263336Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.548{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=7ABEDFDD901B6BD38C48230FA0EDF8BA,SHA256=B529EE4CC0CD01D4DD84F7FFEAE97E22255512737BAE61DD7A00DA6E268B277F,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263335Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.448{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263334Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.448{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263333Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263332Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263331Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263330Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263329Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263328Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263327Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263326Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263325Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263324Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263323Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263322Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263321Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263320Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263319Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263318Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263317Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263316Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263315Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263314Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263313Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263312Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263311Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263310Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263309Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263308Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263307Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263306Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263305Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263304Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263303Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263302Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263301Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263300Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263299Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263298Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263297Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263296Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263295Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263294Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263293Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263292Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263291Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263290Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263289Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263288Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263287Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263286Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263285Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263284Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263283Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263282Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263281Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263280Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263279Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263278Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263277Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263276Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263275Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263274Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263273Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 23542300x8000000000000000263272Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F1EE62B0B9A344A982E6D937F4D70F9D,SHA256=BAF060ECFB8C3B53822E5D8C28D79E3E303D20E677570396CCFDB651E1E6DD01,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263271Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263270Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263269Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263268Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263267Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263266Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263265Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263264Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263263Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263262Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263261Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263260Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263259Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263258Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263257Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263256Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263255Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263254Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263253Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263252Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263251Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263250Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263249Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263248Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.433{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263247Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263246Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263245Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263244Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263243Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263242Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263241Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263240Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263239Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263238Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263237Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263236Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263235Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263234Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263233Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263232Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263231Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263230Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263229Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263228Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263227Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263226Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263225Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263224Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263223Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263222Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:37.417{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000179775Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:38.272{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E969BEF926C95F2812723060DE5AC8B1,SHA256=35875BF41F9385120C9AA5A3A07E0104C66CECE9FED74945C1E46714A8F2B681,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263337Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:38.020{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=9FD0C894172807DBF70A05E8DD74ED70,SHA256=11E861DB4A3977502D599F0BC81E28FFF507B1B2DDA44FAE9712DA7F20264B7D,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179776Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:39.350{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=3B3DB288797E1C937F6A2D38DD7B0B6A,SHA256=71585494FC1507B7C022694B8D8235045E22EFE3E455B7E90160DE88AA039427,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263338Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:39.051{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=6CB766A79E525D8259C29860FB6B3795,SHA256=8903BFCA6DC9393FA18518F7B28E37CA132D4CE28AA44BFF4FD2B411BF4ABE37,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179777Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:40.460{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=911B5E4F68057ABFDB4698719CFB736C,SHA256=26C38D518FCA2FE64BD5EDD3AA1D82C17509CE512104DBB5C74F5D947FAE9B6B,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000263340Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:39.185{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60408-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000263339Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:40.052{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=329CE63A358687F72638236F0ECFF609,SHA256=DD348299904DC983DDE3177CAFF2DC861D913BD80871BA4F093EDCB8AF61EBC2,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179778Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:41.491{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2C199A7396A7674FB2B0D57E30DD4E58,SHA256=80895BD9318C6D45E075B0C5C7BA790D29E5A1D9AA7F0AA9BDCA2793D27539A3,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263344Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:41.550{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000263343Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:41.550{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000263342Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:41.550{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000263341Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:41.102{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=340D8B14400934C79071974754226D48,SHA256=A90D8CE5F49A810C43BB9B132CDF0C68A70343EEABD4518527F73B1AEB51CEF0,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179780Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:42.507{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=56F7120267B2387E56F99102058A77AF,SHA256=16ABEB12D37C26A18D54F50F8C97F979C71D0242BEC79B45E3A50422185E180E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263459Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.766{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=1B125C9B58FE77DDD791B252FBC8B48B,SHA256=320B41E34EE6070131439BF21D5C344D8F55C22FB6E384DB792FCEEDB18025D5,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263458Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263457Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263456Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263455Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 354300x8000000000000000179779Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:40.090{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53410-false10.0.1.12-8000- 10341000x8000000000000000263454Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263453Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263452Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263451Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263450Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263449Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263448Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263447Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263446Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263445Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263444Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263443Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263442Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263441Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263440Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263439Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263438Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263437Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263436Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263435Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263434Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263433Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263432Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263431Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263430Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263429Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263428Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263427Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263426Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263425Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263424Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263423Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263422Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263421Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263420Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263419Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263418Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263417Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263416Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263415Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263414Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263413Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263412Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263411Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263410Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263409Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263408Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263407Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263406Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263405Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263404Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263403Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263402Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263401Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263400Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263399Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263398Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263397Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263396Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.466{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263395Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263394Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263393Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263392Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263391Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263390Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263389Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263388Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263387Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263386Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263385Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263384Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263383Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263382Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263381Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263380Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263379Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263378Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263377Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263376Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263375Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263374Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263373Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263372Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263371Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263370Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263369Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263368Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263367Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263366Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263365Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263364Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263363Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263362Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263361Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263360Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263359Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263358Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263357Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263356Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263355Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263354Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263353Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263352Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263351Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263350Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263349Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263348Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263347Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263346Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.451{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000263345Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:42.120{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=2B305D5AEE6B66533E36F1F0FBCEB1C8,SHA256=790D29697B38E4D528E1D1B4710B813E9B5F6503A1047EE8E85FAE0118C1050E,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179781Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:43.553{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=5D7BF740789D45E51D8FD6449EA2E2D7,SHA256=12E31ECD91E16F2442769A8137CC195DECA9C1A5DC1AEE46F09C212AFF63382A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263460Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:43.134{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=AA581F23C13D475348DB92B1944EE1C7,SHA256=786140C7C419740D7A49B6C5DD28B8BA8F1C4E829572EEE072B021C0C61397C9,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179782Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:44.632{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F639FFA08EB8F9DC39FDCB1765E3689A,SHA256=F9548730D3A04F5665787BE8DE5E574335456C846F58533A6457F634ACA62D7A,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263461Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:44.148{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=183F9C6820A1676BD500AAB339BDDCC7,SHA256=A559DC486333A501D2454842D3E6208BECC71821E724B0315F89843B4E0E1239,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179783Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:45.647{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=20FC5983E79587F58B3FD1BE5FDCE69A,SHA256=5A526B1289E7DECB0B7DB63ED778173E1D0FD2A3FE3DA15AAA268731D3345EAA,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000263463Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:44.245{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.14win-dc-tcontreras-attack-range-356.attackrange.local60409-false10.0.1.12ip-10-0-1-12.eu-central-1.compute.internal8000- 23542300x8000000000000000263462Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:45.179{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F8DB600CC46B4B84080FB7A40F3245B2,SHA256=26EC378A0A495F77B14E29892126311BAF0F231AE6CCE5A01D332355A9926D47,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000179784Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:46.694{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=E3CA77EC6B29B9F69F2DF1E75DC5AE9E,SHA256=FA5C7D02F48C2819AF0CFC8B870A74404B79D7E8FF6B0A041C91B758FF542C96,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263464Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:46.216{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=4C568ADC872EE1F3C31308AB9A377752,SHA256=74F9A7DA5C26F010257FEF9D9B3E97989D21516B3564009486670BB4DEE797BE,IMPHASH=00000000000000000000000000000000falsetrue 354300x8000000000000000179786Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:46.043{F0653C0F-C6F7-61E7-5B00-000000002402}4092C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exeNT AUTHORITY\SYSTEMtcptruefalse10.0.1.15win-host-tcontreras-attack-range-292.eu-central-1.compute.internal53411-false10.0.1.12-8000- 23542300x8000000000000000179785Microsoft-Windows-Sysmon/Operationalwin-host-tcontreras-attack-range-292-2022-01-19 13:25:47.803{F0653C0F-C6FE-61E7-6900-000000002402}3660NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=F03D22FD51A45DFEA9F5B0366C1572B9,SHA256=1ADB755DB8B737E52B4D1089ACE61C9690C50D2F2E1D9B3B8F88035246297DC3,IMPHASH=00000000000000000000000000000000falsetrue 23542300x8000000000000000263582Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.676{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=BF520F695C1A10A056686BEF27626247,SHA256=2BC89B1E5232FA43184B23E37DFD7A247A3781624052614BA52FC3C9A27088EC,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263581Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED4-61E8-400A-000000002302}7176C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263580Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ED1-61E8-3F0A-000000002302}6592C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263579Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0ECE-61E8-3C0A-000000002302}728C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263578Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D95-61E8-000A-000000002302}7304C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263577Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D92-61E8-F709-000000002302}7808C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263576Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F609-000000002302}6468C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263575Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D91-61E8-F309-000000002302}6348C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263574Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2209-000000002302}4408C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263573Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-091A-61E8-F208-000000002302}2808C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263572Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0917-61E8-F008-000000002302}6956C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263571Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0913-61E8-EE08-000000002302}1116C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263570Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D0AD-61E7-3902-000000002302}5804C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263569Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-D09A-61E7-3802-000000002302}6060C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263568Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE79-61E7-E401-000000002302}3356C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263567Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CE04-61E7-CE01-000000002302}6668C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263566Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CDF7-61E7-CC01-000000002302}4536C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263565Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CD0D-61E7-A101-000000002302}5192C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263564Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CCF8-61E7-9D01-000000002302}5204C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263563Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-7001-000000002302}1432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263562Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC01-61E7-6D01-000000002302}3488C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263561Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CC00-61E7-6C01-000000002302}3768C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263560Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFF-61E7-6A01-000000002302}5432C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263559Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AF00-000000002302}4284C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263558Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83B-61E7-AC00-000000002302}4160C:\Windows\System32\rdpclip.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263557Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C837-61E7-A700-000000002302}3164C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263556Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C780-61E7-8200-000000002302}3256C:\Windows\System32\msdtc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263555Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C719-61E7-7400-000000002302}3996C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263554Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C712-61E7-6B00-000000002302}3928C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_stream\windows_x86_64\bin\streamfwd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263553Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4200-000000002302}3520C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263552Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C707-61E7-4100-000000002302}3508C:\Program Files\Amazon\SSM\ssm-agent-worker.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263551Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C706-61E7-3400-000000002302}3216C:\Windows\system32\conhost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263550Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C705-61E7-3000-000000002302}1576C:\Windows\System32\vds.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263549Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2D00-000000002302}3052C:\Windows\System32\ismserv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263548Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2C00-000000002302}3016C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263547Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263546Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2A00-000000002302}2964C:\Program Files\Amazon\SSM\amazon-ssm-agent.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263545Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2900-000000002302}2948C:\Windows\system32\dfssvc.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263544Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2800-000000002302}2940C:\Windows\system32\dns.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263543Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263542Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2600-000000002302}2800C:\Windows\system32\DFSRs.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263541Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2400-000000002302}2784C:\Windows\ADWS\Microsoft.ActiveDirectory.WebServices.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263540Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C704-61E7-2300-000000002302}2708C:\Windows\System32\spoolsv.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263539Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6FC-61E7-2100-000000002302}2544C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263538Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F4-61E7-1F00-000000002302}2116C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263537Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1700-000000002302}1336C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263536Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1600-000000002302}1216C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263535Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1500-000000002302}1148C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263534Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1400-000000002302}1140C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263533Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1300-000000002302}704C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263532Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1200-000000002302}420C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263531Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1100-000000002302}8C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263530Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-1000-000000002302}96C:\Windows\System32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263529Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F3-61E7-0E00-000000002302}996C:\Windows\system32\LogonUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263528Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0D00-000000002302}900C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263527Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F2-61E7-0C00-000000002302}844C:\Windows\system32\svchost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263526Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0B00-000000002302}640C:\Windows\system32\lsass.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263525Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0A00-000000002302}632C:\Windows\system32\services.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263524Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0900-000000002302}580C:\Windows\system32\winlogon.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263523Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6F0-61E7-0700-000000002302}496C:\Windows\system32\wininit.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263522Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0200-000000002302}324C:\Windows\System32\smss.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263521Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C6EA-61E7-0100-000000002302}4System0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+311b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3293f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 10341000x8000000000000000263520Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263519Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263518Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263517Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263516Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263515Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263514Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263513Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263512Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.498{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263511Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.496{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263510Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.496{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263509Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.496{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263508Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.496{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263507Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263506Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.496{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263505Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263504Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263503Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263502Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263501Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263500Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263499Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.495{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263498Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.494{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263497Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.494{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263496Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.494{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263495Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.494{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c309(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3c167(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+328b9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64) 10341000x8000000000000000263494Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263493Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263492Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263491Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263490Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263489Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263488Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0A6B-61E8-2109-000000002302}5520C:\Windows\system32\cmd.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263487Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263486Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263485Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-08CE-61E8-E608-000000002302}628C:\Program Files\Notepad++\notepad++.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263484Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263483Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263482Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-060A-000000002302}7740C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263481Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D99-61E8-050A-000000002302}7764C:\Program Files\Internet Explorer\iexplore.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263480Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263479Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0D90-61E8-F109-000000002302}7000C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263478Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-0FA2-61E8-5F0A-000000002302}5892C:\Temp\dnSpy-net-win32\dnSpy.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263477Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263476Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263475Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263474Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263473Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263472Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263471Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B600-000000002302}4920C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263470Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83E-61E7-B700-000000002302}5048C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+32ce2(wow64)|C:\Windows\System32\USER32.dll+290e5(wow64)|C:\Windows\System32\USER32.dll+273ea(wow64)|C:\Windows\system32\apphelp.dll+6741c(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327c9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64) 10341000x8000000000000000263469Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.477{ED6274ED-0D94-61E8-FF09-000000002302}53047368C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe{ED6274ED-C83C-61E7-B500-000000002302}4700C:\Windows\Explorer.EXE0x1000C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\wow64.dll+124f4|C:\Windows\System32\wow64.dll+6e75|C:\Windows\System32\wow64cpu.dll+1d07|C:\Windows\System32\wow64.dll+1bf87|C:\Windows\System32\wow64.dll+cba0|C:\Windows\SYSTEM32\ntdll.dll+783e0|C:\Windows\SYSTEM32\ntdll.dll+77fae|C:\Windows\SYSTEM32\ntdll.dll+6ecfc(wow64)|C:\Windows\System32\KERNELBASE.dll+c6ae8(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3a49f(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+3bda2(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+327a7(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+5124(wow64)|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150d8b4|C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\Discord.exe+150ff57|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+44467(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448a9(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+447d4(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+448ca(wow64)|\\?\C:\Users\Administrator\AppData\Local\Discord\app-1.0.9003\modules\discord_utils-1\discord_utils\discord_utils.node+9f691(wow64)|C:\Windows\System32\KERNEL32.DLL+162c4(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b69(wow64)|C:\Windows\SYSTEM32\ntdll.dll+61b34(wow64) 23542300x8000000000000000263468Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.261{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=D0F2C3F505109685EDE5DC12B9624325,SHA256=1F5AB0124EC2CC1428ADC0A6126D576B6FC9861761489E4C2CBFB1FF594C6C29,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263467Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.199{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+6497|C:\Windows\System32\SHCORE.dll+6387|C:\Windows\System32\SHCORE.dll+62fd|C:\Windows\System32\SHCORE.dll+620a|C:\Windows\System32\SHELL32.dll+55a20|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad 10341000x8000000000000000263466Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.199{ED6274ED-C83C-61E7-B500-000000002302}47004808C:\Windows\Explorer.EXE{ED6274ED-CBFD-61E7-6801-000000002302}1952C:\Program Files\Mozilla Firefox\firefox.exe0x40C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+221bd|C:\Windows\System32\SHCORE.dll+64c8|C:\Windows\System32\SHCORE.dll+1c0e5|C:\Windows\System32\SHELL32.dll+55501|C:\Windows\System32\USER32.dll+121e4|C:\Windows\System32\USER32.dll+11ed7|C:\Windows\System32\USER32.dll+22a53|C:\Windows\SYSTEM32\ntdll.dll+a9824|UNKNOWN(FFFFF80185E73FF8)|UNKNOWN(FFFFFF49E24A5B48)|UNKNOWN(FFFFFF49E24A5CC7)|UNKNOWN(FFFFFF49E24A0351)|UNKNOWN(FFFFFF49E24A1D1A)|UNKNOWN(FFFFFF49E249FFD6)|UNKNOWN(FFFFF80185B8B503)|C:\Windows\System32\win32u.dll+10c4|C:\Windows\System32\USER32.dll+1ea2e|C:\Windows\System32\SHELL32.dll+5928b|C:\Windows\System32\SHELL32.dll+dac4a|C:\Windows\System32\SHCORE.dll+33fad|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 23542300x8000000000000000263465Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:47.199{ED6274ED-CBFD-61E7-6801-000000002302}1952ATTACKRANGE\AdministratorC:\Program Files\Mozilla Firefox\firefox.exeC:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms~RF122d128.TMPMD5=3BFEABEF62EED5634A3D9EC762FF8CF9,SHA256=8CFFE559F97E8DD9937ED59EDD9BA6381AAF578575E36594FEC60085CDEEFEF0,IMPHASH=00000000000000000000000000000000falsetrue 10341000x8000000000000000263591Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.546{ED6274ED-C706-61E7-3400-000000002302}32163236C:\Windows\system32\conhost.exe{ED6274ED-115C-61E8-A60A-000000002302}4416C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\SYSTEM32\ConhostV2.dll+5ca7|C:\Windows\SYSTEM32\ConhostV2.dll+774b|C:\Windows\SYSTEM32\ConhostV2.dll+a8ef|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000263590Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+fd18|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000263589Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11aad|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000263588Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+11058|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000263587Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.546{ED6274ED-C6F2-61E7-0C00-000000002302}8445136C:\Windows\system32\svchost.exe{ED6274ED-C704-61E7-2700-000000002302}2932C:\Windows\sysmon64.exe0x1400C:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\System32\KERNELBASE.dll+5eab4|c:\windows\system32\lsm.dll+12023|C:\Windows\System32\RPCRT4.dll+7a563|C:\Windows\System32\RPCRT4.dll+d5bc1|C:\Windows\System32\RPCRT4.dll+52d3c|C:\Windows\System32\RPCRT4.dll+358e4|C:\Windows\System32\RPCRT4.dll+347fd|C:\Windows\System32\RPCRT4.dll+350ab|C:\Windows\System32\RPCRT4.dll+20e9c|C:\Windows\System32\RPCRT4.dll+2131c|C:\Windows\System32\RPCRT4.dll+1049c|C:\Windows\System32\RPCRT4.dll+11cfb|C:\Windows\System32\RPCRT4.dll+1a5ca|C:\Windows\SYSTEM32\ntdll.dll+1d35e|C:\Windows\SYSTEM32\ntdll.dll+1ecc9|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 10341000x8000000000000000263586Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.546{ED6274ED-C6EF-61E7-0500-000000002302}424540C:\Windows\system32\csrss.exe{ED6274ED-115C-61E8-A60A-000000002302}4416C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a6144|C:\Windows\system32\basesrv.DLL+2f47|C:\Windows\SYSTEM32\CSRSRV.dll+5645|C:\Windows\SYSTEM32\ntdll.dll+5179f 10341000x8000000000000000263585Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.546{ED6274ED-C704-61E7-2B00-000000002302}29883880C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe{ED6274ED-115C-61E8-A60A-000000002302}4416C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe0x1fffffC:\Windows\SYSTEM32\ntdll.dll+a7414|C:\Windows\System32\KERNELBASE.dll+2b860|C:\Windows\System32\KERNELBASE.dll+6b246|C:\Windows\System32\KERNEL32.DLL+1c213|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+ce6a3b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17cade|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18641d|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+17ef16|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c992c4|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+18689b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+189d3c|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c95f5f|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c99fad|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+184c5b|C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe+c7dd7e|C:\Windows\System32\ucrtbase.dll+1fb80|C:\Windows\System32\KERNEL32.DLL+84d4|C:\Windows\SYSTEM32\ntdll.dll+51791 154100x8000000000000000263584Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.547{ED6274ED-115C-61E8-A60A-000000002302}4416C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe8.0.2Network monitorSplunk ApplicationSplunk Inc.splunk-netmon.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunk-netmon.exe"C:\Windows\system32\NT AUTHORITY\SYSTEM{ED6274ED-C6F0-61E7-E703-000000000000}0x3e70SystemMD5=8746B8C1724B67C2B1261446C0CFAA57,SHA256=7EFD09FD383FAA75C5D2990E6DBBFD846AEAA08B7037C7D66B4A0EF2AE0866B3,IMPHASH=7B985F47B35272AD7B5218255ACE7AEC{ED6274ED-C704-61E7-2B00-000000002302}2988C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe"C:\Program Files\SplunkUniversalForwarder\bin\splunkd.exe" service 23542300x8000000000000000263583Microsoft-Windows-Sysmon/Operationalwin-dc-tcontreras-attack-range-356.attackrange.local-2022-01-19 13:25:48.276{ED6274ED-C719-61E7-7400-000000002302}3996NT AUTHORITY\SYSTEMC:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exeC:\Program Files\SplunkUniversalForwarder\var\lib\splunk\modinputs\WinEventLog\Microsoft-Windows-Sysmon_OperationalMD5=8F809B825C4710E9DB7E74DD247A95CC,SHA256=4BE4FCA58CD4EAFBFB50F84ABDABA6F365875E6CB852D33AADF7CCE79110B4C4,IMPHASH=00000000000000000000000000000000falsetrue